URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Submission: On November 05 via manual from US — Scanned from CH

Summary

This website contacted 131 IPs in 18 countries across 131 domains to perform 628 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
48 151.101.1.44 54113 (FASTLY)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
16 185.106.33.48 200478 (TABOOLA-AS)
24 185.132.133.134 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:24e... 14618 (AMAZON-AES)
10 23.97.225.52 8075 (MICROSOFT...)
2 3 192.96.203.13 30633 (LEASEWEB-...)
3 151.101.129.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 6 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 54.78.176.215 16509 (AMAZON-02)
4 23 104.18.36.155 13335 (CLOUDFLAR...)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 18.192.226.136 16509 (AMAZON-02)
9 104.22.68.131 13335 (CLOUDFLAR...)
2 3.126.136.176 16509 (AMAZON-02)
5 95.101.149.35 16625 (AKAMAI-AS)
2 6 145.40.97.66 54825 (PACKET)
1 5 35.227.252.103 15169 (GOOGLE)
9 15 37.252.172.123 29990 (ASN-APPNEX)
2 69.173.144.137 26667 (RUBICONPR...)
2 2602:803:c003... 26667 (RUBICONPR...)
8 51.89.9.251 16276 (OVH)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
1 3 54.75.96.107 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
11 12 52.59.98.46 16509 (AMAZON-02)
3 3 188.42.191.196 7979 (SERVERS-COM)
1 212.8.250.228 49981 (WORLDSTREAM)
7 141.226.228.48 200478 (TABOOLA-AS)
1 2600:9000:223... 16509 (AMAZON-02)
39 2a00:1450:400... 15169 (GOOGLE)
3 3 104.64.126.246 16625 (AKAMAI-AS)
12 95.101.149.233 16625 (AKAMAI-AS)
16 35.71.131.137 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
3 8 2a05:d018:d29... 16509 (AMAZON-02)
3 4 3.75.62.37 16509 (AMAZON-02)
1 222.230.178.129 2519 (VECTANT A...)
1 167.235.184.171 24940 (HETZNER-AS)
5 9 69.173.144.138 26667 (RUBICONPR...)
10 14 69.173.144.139 26667 (RUBICONPR...)
6 2a00:1450:400... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
2 5 52.95.115.255 16509 (AMAZON-02)
2 4 52.46.151.131 16509 (AMAZON-02)
15 38 142.250.185.130 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
7 7 34.249.4.179 16509 (AMAZON-02)
3 3.120.44.6 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
2 2 52.21.198.14 14618 (AMAZON-AES)
2 3 216.52.2.6 30282 (AS-INAPCD...)
1 133.186.12.18 10010 (TOKAI TOK...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 91.210.226.71 48314 (IP-PROJECTS)
1 1 89.163.142.91 24961 (MYLOC-AS ...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
5 175.110.113.203 49981 (WORLDSTREAM)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 23.212.89.35 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:e... 15169 (GOOGLE)
3 7 2.16.97.41 16625 (AKAMAI-AS)
5 2a02:26f0:280... 20940 (AKAMAI-ASN1)
4 4 178.250.1.9 44788 (ASN-CRITE...)
1 54.78.254.47 16509 (AMAZON-02)
1 2.23.197.190 16625 (AKAMAI-AS)
4 7 35.244.174.68 15169 (GOOGLE)
1 35.156.144.148 16509 (AMAZON-02)
1 54.155.252.188 16509 (AMAZON-02)
1 54.77.209.136 16509 (AMAZON-02)
7 2001:4860:480... 15169 (GOOGLE)
1 95.101.148.20 16625 (AKAMAI-AS)
3 7 35.244.159.8 15169 (GOOGLE)
2 3 13.248.245.213 16509 (AMAZON-02)
1 13.32.27.7 16509 (AMAZON-02)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
1 185.84.60.23 198622 (ADFORM)
4 5 37.157.6.243 198622 (ADFORM)
2 52.213.196.228 16509 (AMAZON-02)
4 8 185.86.139.104 201081 (SMARTADSE...)
3 23.218.208.200 16625 (AKAMAI-AS)
7 2600:9000:20d... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
4 34.198.150.224 14618 (AMAZON-AES)
4 216.52.2.48 30282 (AS-INAPCD...)
6 6 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
4 4 193.0.160.131 54312 (ROCKETFUEL)
3 3 69.166.1.67 27630 (AS-XFERNET)
3 3 54.152.214.105 14618 (AMAZON-AES)
1 1 8.2.110.33 46636 (NATCOWEB)
1 1 184.30.24.22 16625 (AKAMAI-AS)
5 5 3.230.249.177 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
4 4 13.32.27.113 16509 (AMAZON-02)
4 4 54.36.150.186 16276 (OVH)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
4 4 54.93.168.0 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
2 3 95.101.54.203 20940 (AKAMAI-ASN1)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
5 5 50.31.142.31 23352 (SERVERCEN...)
3 3 54.164.141.233 14618 (AMAZON-AES)
14 34.247.233.198 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
2 142.250.184.226 15169 (GOOGLE)
3 198.47.127.19 3257 (GTT-BACKB...)
1 1 141.95.32.71 16276 (OVH)
1 1 2600:9000:211... 16509 (AMAZON-02)
6 12 198.47.127.18 3257 (GTT-BACKB...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 211.120.53.200 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2 2.23.68.89 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 51.195.61.120 16276 (OVH)
1 1 8.43.72.97 26667 (RUBICONPR...)
3 3 162.55.233.29 24940 (HETZNER-AS)
1 185.29.132.241 30419 (MEDIAMATH...)
9 22 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 3.127.123.183 16509 (AMAZON-02)
1 1 35.214.129.15 15169 (GOOGLE)
1 2 151.101.194.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 63.251.232.165 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
2 3 52.19.8.73 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 98.98.134.242 21859 (ZEN-ECN)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 1 8.2.108.194 46636 (NATCOWEB)
1 1 37.157.2.230 198622 (ADFORM)
1 2 2a02:2638:3::6 44788 (ASN-CRITE...)
1 35.205.65.172 396982 (GOOGLE-CL...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 99.81.116.253 16509 (AMAZON-02)
3 85.195.93.95 20773 (GODADDY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
21 46.105.200.240 16276 (OVH)
1 37.157.2.249 198622 (ADFORM)
2 130.211.44.5 15169 (GOOGLE)
1 1 141.94.240.143 16276 (OVH)
2 2 141.94.170.64 16276 (OVH)
1 23.88.86.2 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.214 16276 (OVH)
628 131
Apex Domain
Subdomains
Transfer
74 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
15.taboola.com — Cisco Umbrella Rank: 6402
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
vidstat.taboola.com — Cisco Umbrella Rank: 3029
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
am-wf.taboola.com — Cisco Umbrella Rank: 17326
1 MB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
473 KB
55 googlesyndication.com
de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com
537 KB
44 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
115 KB
43 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
43 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
504 KB
27 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
t2.teads.tv — Cisco Umbrella Rank: 25995
t.teads.tv — Cisco Umbrella Rank: 2845
sync.teads.tv — Cisco Umbrella Rank: 1403
s8t.teads.tv — Cisco Umbrella Rank: 5510
1 MB
23 mediaintelligence.de
mediaintelligence.de — Cisco Umbrella Rank: 366424
data.mediaintelligence.de — Cisco Umbrella Rank: 588661
124 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
15 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
11 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
28 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
301 KB
14 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
5 KB
13 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
as.ad4m.at — Cisco Umbrella Rank: 33424
assets.ad4m.at — Cisco Umbrella Rank: 45800
230 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
5 KB
12 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
2 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
3 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
9 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
7 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
3 KB
8 adform.net
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
s1.adform.net — Cisco Umbrella Rank: 9253
17 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
5 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1007 B
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
978 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
744 B
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
297 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
tps.doubleverify.com — Cisco Umbrella Rank: 515
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101
104 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
3 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4023
1 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
4 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
2 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
140 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
12 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 gsitrix.com
a.gsitrix.com — Cisco Umbrella Rank: 261430
59 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
817 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
4 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
1 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
757 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
322 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
745 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
770 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
465 B
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
175 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
496 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
346 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
443 B
1 conrad.ch
www.conrad.ch
493 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
836 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
33 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
456 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
357 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
582 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
374 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
423 B
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 4200
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
206 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
500 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
483 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
551 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
823 B
1 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
643 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
648 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
261 B
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
633 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
628 131
Domain Requested by
39 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
www.bg3.co
imasdk.googleapis.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
30 cm.g.doubleclick.net 15 redirects www.bg3.co
googleads.g.doubleclick.net
sync.teads.tv
adpushup-d.openx.net
ssbsync.smartadserver.com
g2.gumgum.com
25 images.taboola.com www.bg3.co
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
21 data.mediaintelligence.de mediaintelligence.de
data.mediaintelligence.de
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
16 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
sync.teads.tv
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
csync.smilewanted.com
16 il-trc-events.taboola.com www.bg3.co
16 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 pixel.rubiconproject.com 10 redirects www.bg3.co
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
s0.2mdn.net
pagead2.googlesyndication.com
13 simage2.pubmatic.com 8 redirects ads.pubmatic.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 image8.pubmatic.com 6 redirects ads.pubmatic.com
cs-server-s2s.yellowblue.io
12 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
imprammp.taboola.com
www.bg3.co
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
12 x.bidswitch.net 11 redirects am-match.taboola.com
12 ib.adnxs.com 6 redirects cdn.adpushup.com
www.bg3.co
googleads.g.doubleclick.net
acdn.adnxs.com
10 e3.adpushup.com www.bg3.co
9 image2.pubmatic.com 1 redirects ads.pubmatic.com
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 pr-bh.ybp.yahoo.com 3 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 onetag-sys.com cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
csync.smilewanted.com
www.bg3.co
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 csi.gstatic.com imasdk.googleapis.com
7 idsync.rlcdn.com 4 redirects sync.teads.tv
ssum-sec.casalemedia.com
7 sync.teads.tv 3 redirects a.teads.tv
sync.teads.tv
7 t2.teads.tv www.bg3.co
7 match.prod.bidr.io 7 redirects
6 assets.ad4m.at as.ad4m.at
6 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
6 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 b1sync.zemanta.com 5 redirects
5 i.liadm.com 5 redirects
5 sync.1rx.io 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 s8t.teads.tv www.bg3.co
5 cdn.vidverto.io www.bg3.co
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 ad4m.at www.bg3.co
ad4m.at
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 rtb.openx.net 1 redirects cdn.adpushup.com
5 a.teads.tv cdn.adpushup.com
a.teads.tv
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pm.w55c.net 4 redirects
4 cookie-matching.mediarithmics.com 4 redirects
4 live.rezync.com 4 redirects
4 p.rfihub.com 4 redirects
4 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
4 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 cms.quantserve.com 4 redirects
4 dis.criteo.com 4 redirects
4 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
s0.2mdn.net
4 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
4 ups.analytics.yahoo.com 3 redirects am-match.taboola.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 a.gsitrix.com mediaintelligence.de
a.gsitrix.com
3 am-wf.taboola.com vidstat.taboola.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 sync.richaudience.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 secure.adnxs.com 3 redirects
3 ssp.disqus.com 3 redirects
3 sync.go.sonobi.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 t.teads.tv www.bg3.co
3 ce.lijit.com 2 redirects www.bg3.co
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 secure-assets.rubiconproject.com 3 redirects
3 ads.betweendigital.com 3 redirects
3 sync.aralego.com 2 redirects ads.aralego.com
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 cdn.doubleverify.com mediaintelligence.de
www.bg3.co
2 ssp-sync.criteo.com 1 redirects csync.smilewanted.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 mediaintelligence.de as.ad4m.at
mediaintelligence.de
2 www.awin1.com 1 redirects as.ad4m.at
2 creativecdn.com 2 redirects
2 as.ad4m.at ad4m.at
as.ad4m.at
2 googleads4.g.doubleclick.net www.bg3.co
2 bh.contextweb.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 www.google.com tpc.googlesyndication.com
2 fonts.gstatic.com ad.vidverto.io
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 sync.ipredictive.com 2 redirects
2 capi.connatix.com 1 redirects www.bg3.co
2 pixel.tapad.com 1 redirects www.bg3.co
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 s1.adform.net data.mediaintelligence.de
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.playground.xyz 1 redirects
1 cookiesync.api.bliink.io csync.smilewanted.com
1 cm.adform.net 1 redirects
1 us.ck-ie.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 www.conrad.ch as.ad4m.at
1 tg.socdm.com 1 redirects
1 cdnjs.cloudflare.com s0.2mdn.net
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 s.ad.smaato.net 1 redirects
1 ws.rqtrk.eu 1 redirects
1 match.deepintent.com g2.gumgum.com
1 dsp.nrich.ai 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 trace.mediago.io 1 redirects
1 s.company-target.com 1 redirects
1 d.turn.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 us.shb-sync.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 eu-u.openx.net adpushup-d.openx.net
1 adx3.adform.net imasdk.googleapis.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 sync.springserve.com sync.teads.tv
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 audiencedata.im-apps.net dmp.im-apps.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 ialaddin.genieesspv.jp www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 beacon-ams3.rubiconproject.com www.bg3.co
1 vidstatb.taboola.com www.bg3.co
1 inv-nets.admixer.net ad.vidverto.io
1 pixel.quantserve.com www.bg3.co
1 js.genieessp.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 imprammp.taboola.com vidstat.taboola.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 15.taboola.com cdn.taboola.com
1 de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 a.audrte.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 static.bg3.co Failed www.bg3.co
628 214
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4
2023-05-22 -
2024-06-22
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-24 -
2023-12-24
a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1
2023-08-11 -
2024-07-12
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
ad.vidverto.io
R3
2023-09-24 -
2023-12-23
3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-03-22
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-18 -
2024-04-17
a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01
2023-04-29 -
2024-05-27
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-10-28 -
2024-01-26
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
*.a-mo.net
R3
2023-10-06 -
2024-01-04
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-08 -
2023-11-26
a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA
2022-11-21 -
2023-12-22
a year crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1
2023-03-31 -
2024-04-30
a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-13
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
cdn.vidverto.io
R3
2023-09-23 -
2023-12-22
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4
2023-10-05 -
2024-01-03
3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-02-21 -
2024-02-05
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01
2023-05-01 -
2024-05-29
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02
2023-04-18 -
2024-05-16
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-16 -
2024-04-16
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
mediaintelligence.de
Thawte TLS RSA CA G1
2022-11-24 -
2023-12-25
a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-30 -
2024-04-29
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
*.iprom.net
R3
2023-08-16 -
2023-11-14
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA
2023-05-22 -
2024-06-21
a year crt.sh
a.gsitrix.com
R3
2023-09-18 -
2023-12-17
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
data.mediaintelligence.de
R3
2023-09-15 -
2023-12-14
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2023-09-29 -
2024-09-28
a year crt.sh
truffle.bid
R3
2023-10-24 -
2024-01-22
3 months crt.sh

This page contains 112 frames:

Primary Page: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Frame ID: 6B9C0EF59FAE2B229F68D1F0D34CD39A
Requests: 219 HTTP requests in this frame

Frame: https://de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 352AE0AD0EC2F8367AD1BD182D211463
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxK-SLvz76MMYxuRSk_TsZt9P7jmid2vbY4TjPsrdAXL0kY3r26mnyj8gR_sGjd0Q88XCpoeLQaa__p-7adBhcJRNKunhHtcg0b70w6NUgLsrv6NYHHlc5EtNmvmr28RpfRVszvmla7tp_AHpM1Lyw1kApth4qLSxkDYuzjy6iy8qpjQssy6CX2HIBiR5ylSG90rOyEK4Cq7guwY_Clk3hmWHbAmQa7dZoNind7Mw6z8mGsH_Xa8GwM0KJSD5KsPaV0Yjt9JWN23PJTFJT3qK7SW1fKWps_WebrbM4Uy2o4f_4Umfbkw8t6_418Pwz-Cv_OA&sai=AMfl-YRw1FbQDtOlNPYYQOfClF2-79lMKx5Ntf3Tzf2uUrIiEBuHSvL3BCfp2vtLW8lGvdmpnZcHNZpmmv805hV8SY_KHOqihsms1eb6DtI7XngsyDhxwuJHsCRudOBHkCoAv2HG9OpDjheI0gIZRiDK&sig=Cg0ArKJSzD74fEinjX5AEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2D1A326EDF5B00EB4AC97E43EE6AAB3F
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F20BA1161B8D77EA676F6984E8824295
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=undefined&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8d793beb-e12c-4788-89d5-4c1a35531eef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6E5C99999851C02304ADD004BDC979BC
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 35FEE6B75A1BBF65C1CE1371A0916FC5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 236B8834BB8B11C4EAD83879ADDBB141
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E2A6EB8DF66D1068F3638E2688E8574C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 912E6292A94916BD99A02A58066C7E3A
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 60B95C47CC97C0057D552F69D17C8C28
Requests: 2 HTTP requests in this frame

Frame: https://js.genieessp.com/t/550/967/a1550967.js
Frame ID: 05D4FFC34AA10180A0806E0328022973
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 707080DEA1E8538320620FFACD594EDC
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B16BE58797F3C8B2612C9A8C48AD96A2
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSkM5bTl5fx2zbXCNjY3K3iQP9Y0ieLqeidd4DyTNwDMBmZ2kF2A7w9CAwhTE7YpJBJdyOT2lz2akGxSsoSaibMtIqosQE5nsf3lxuA-vo1WwyOoUBtijmdk85kbf3c_1rx6sD8gk9SgzYVLFxo6y42dIzYI5S2AnefMiUmYmFx70IJhrdekZ92dwSqll56vjILe_JqN8RxI8bXRiyXU0MpWEz-uHpA6wlPPOQ6nlQTr-J-cYy8pf6X_ohtLZIkMgi04xZKVntUsOC6Ac9qyvQcxexeZ1M3S_4iRmFiO0b-IBpacU4RNM6wwZMJ34IQYpI8UGdfIe1554anVuyIKsUAiBO7POh&sai=AMfl-YTT18thqbs0Fwx0r6iq-Y1p4AZeSf4AnAR83funI1rI9Sdvn3bKha-QIvh3K6yRqURyu32qLFtmMIVg6Cvj6XaKMmj8phGI6bxLpnTwtcazQTHFbBMJ6vfgJRYRBGU&sig=Cg0ArKJSzKR9uSH9mNbVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0F319887FC975DF498C200AEF8C4338A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: C2F4189B4E1E6F4A9154CF9BB780FC5F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur9oXdv2ee8-wJX6GuAM2hCprmJwGowePL76YInQFlmIx4Bwbz4NkURYO6jeUFq84Cl_VRQ3aHQM6tk-yKzCsUV9qSDMGgABC9HNcuOhGf6pK5oE3DlTGiOVsr-5pZqjnqyDdlie3z1JUsPyqrTl70evuKrGUnDTeNY5XOl0mL95xRTFOxIaz6XgCaj7xKLjcaRFNJyld-R2tfIuA5545RRlTZTkWaIhPI_d7crndUt93kLMI5h-4XmcZYu4NneE7XSXAG00oREzLT5hRLw8UvAFcgHsRA3kF8qx64FLQ49wwf631czkhqeZJxLf4j1z6DnfQT-9t4s9ATEEw_HL4CWV5zAXfA&sai=AMfl-YT72twMh07-gHxxoX8_yi2NNoZDH-ZzizxbTHPnPv71s8jeMunn-zKYhdWg7uba0Ss_FnY_SXsRfBL4NdVZpek3SOMuz9tZEbQ7G_7ihCpuT3eLNxBr7SrkWTOEYw0&sig=Cg0ArKJSzOvrlooED7VqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0952436ECB2F48B05BA102A0240BB1B4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNUqiwA_DAOZC7jiGPnI261KImyeKhp8XgoY7rKqWehGGEQPrYL5TN4_5__ZaPfX4g1xQRZMwdFaosul3ZpSgQZ-qaXmjA
Frame ID: 3276065BB602D7F7612C5C71870FDA9D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 3D6962961808AC3A4114AD8308A50CAD
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 09355112D462109E87B8879D0204C910
Requests: 1 HTTP requests in this frame

Frame: https://7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 06E0476F5D0FE8F776081736DF2BF02B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Frame ID: 594AE197A8D5F702C9BC88616C2225AB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: 386E7EE3A10015CA4B635CD65E3D3D42
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F5DF666A9164881CEE13F3FAA051E25C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46A00BED3528D4F7F38C73B35D2B9BA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A2B34E877640EF791E88D3FC0A637D4C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Frame ID: 31D99559320EBE44366F2FF02B5DDA3E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3DA1608498D1CF7C622236C2A417ED4D
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: FEC28CA72FF8DA2270DA1A03B53C3687
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E853CF7E2FD61DCA219A5B6FAD1CA25E
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Frame ID: 9B9921F8FE3B910B8C9BA8A68D3795BC
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 63F6D54EBCC4C178CE7C3FC7BA9DAF8B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B833D2D62A9A45509C3AF6C1C4D20344
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 3A5E097A9F245C9CBC447DBD9AEBE3E4
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E64BB1A15105F3AFDAEAD4834D11306F
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: CD2BF9DEFE221F1867A81372504436F4
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 1F45E198670BCC92376CF7362F34EF78
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1699178651615
Frame ID: 86C318A8B8729E9D68DA407335D6BB6E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8A22A9F7CF92DE1B46B4BE166C2B9683
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 97D2FFAA8432804195CF6D08B25F4599
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 19B455839D62049D589BB53DE15789CA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE2F7E44D18DBD0297BABA7540B9DBA5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6B84758D048484FDCABB91895FE98228
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45C5B8AC3615459F3AA992B88944B413
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4FE1F6B7E7FDF8579D4E86BDB812B759
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EEBCB4BA8550DFAF78F356FDE983710A
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 50E08893E6A557015636E2CE28F04B80
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 73724B637C4CEE8F694279757B908C50
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 632DFBD0F76145C585869CDC116CDBA3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: CA40DD84D7C3C90753AD5485F8ED9766
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B1315A83C5767AC9EAC30E3716E7C7C5
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 31AF4519BDE81315529F6D6EB1DDFC48
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 576C9E7CCBD71D954E428C4E6470EDBC
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 3B33F03D8EBB004190479713F29F425B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797787773815615088/index.html?e=69&leftOffset=0&topOffset=0&c=hqo7bnTee7&t=1&renderingType=2&ev=01_250
Frame ID: 6742AC9518AE0590A104AC89C4A9D9E9
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Frame ID: 2926B6E31C055A963E26EAF71B915DC3
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4365169368219957760&gdpr=0&gdpr_consent=
Frame ID: F363067B0CA0D23DC9E6B5C933DD244E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYzczYTYzYS04YWIxLTRkNjEtYmI0NS0xY2ViZDc5N2YzNDU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0C512A3438F132ABEE680C82AAE9DF80
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2B4F90B44FB4472BCFCF357D754EA9E7
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 91D925E936B9B12A5C0CE0DB5EA9E885
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7A33C53930AEB76C71922BC03773099B
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZUdooMCo5r8AAAiukZQAAAAA
Frame ID: 4578711B19147EB10D91F15B903CD8CE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=KXWhMQCskTN1IeTZXbCj&pi=gumgum&tc=1
Frame ID: 7A8D07C83563A9ED4B207FF22EAC75BE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BC484C00583D7657BF01A2987785B5E4
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9CF9A6667ADD554A1C4971331D3BDAD1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: AF910854F17CB41BADA3C2B3E23FD01E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 02B29A4D38245B9FB01761C999A4C72B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 6729A2BA4FD00383AC7B446BBA8F6117
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C332C13D0CD3FFC1BE9C6EFDCDB3A49
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Frame ID: 33C8F86D00177BDBB7DE32BBC8966700
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 0F786F6565B5CB2E5AE3120D40361D38
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5B606AF983ADBAB77405B25C3D894F7A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&redir=true&gdpr=0&gdpr_consent=
Frame ID: 48872085193BC495855FB4239E77F119
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
Frame ID: 90836151CE3697191A9AAD9E60B5B926
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: 860685B3F56382A822A134199027D265
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 3E8DC37BF671C1478DD4372D2C2EBCF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 5FC7E3487610009CF66C7CB798E5E0AE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 8E33064F1D2B723D989D430F9A7D06ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C7C2C673546A582025D3B9DDB35D5DC9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYHE7KjtEAABi-8U8OSA&gdpr=0&gdpr_consent=
Frame ID: C53DF66B0B6AC8ADC031B85F3FCCC098
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUdooAABdUVErQAU
Frame ID: 8A7D03A6E4ACD4F68F53C4D42B52012B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU82cbf16a609a4c99aac7f0bc5e1bf659
Frame ID: F75039CD1B926B5FD942C472ED0614E0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 8F62292493B4A96C07D7215E7AB029C1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D56E98670BC139D6D77F41AC8C2E8CE1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 603C83ABD13F13E3C677AA9F88F787C3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1829029783605596279
Frame ID: 5EFEB3A75DC1CF9CFFA2D4AC8395D35B
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: C5BB9DB4744E9A00BF453E862F9A7010
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C0AFD843FD55E63935FF109772A2FF60
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 17C9F823AA9EA16B0DBE97F07E7005A0
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: 645E574DC1F53DFBF8D589A13574082F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7248575707
Frame ID: 3E4621BA0878A055C380C9997A0E2F6F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/0152d61b-5cba-5235-b79b-c321d2dcabbd
Frame ID: 7EAE92EBF877C9B40C2A907A7D0EE5CE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
Frame ID: FE06DFF0DB76A497EBCFC8AD0E444F5A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4365169368219957760
Frame ID: DEA6D5FE82C7BE46BD997DBA361AEED8
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/match?p=&u=330265bf-f52f-44ea-a3cf-f9ea286f4b9c
Frame ID: 9672EDAD5C5C53C8000FB8E9F0AC5F1A
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: 7A1D2B820DC3F0BB18418DE39EC355B4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/78799c6a3124dbcab4ae5cebb5a35181?gdpr_consent=&gdpr=0
Frame ID: 349C6BEA9F2A205561247D9F754001B1
Requests: 1 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1699178656
Frame ID: 73C096CC0E15D8F601C1592542E03ACE
Requests: 5 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Frame ID: 6D4A4EA41B1C2A0BD91497FE1198DE89
Requests: 22 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4866.js
Frame ID: 3E096D678EC57712A74090689D5BB0D3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: 9C4B262A2E12D2BD7EC8AC5DCE618247
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7636562F4EC2A40D707AA753DD06D831
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE2BE58DFDFE8271EB22BB05976030B8
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
Frame ID: 94ECA15067F0368FBB3760A50DAECCD9
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5687C96A6E795393F0B983CEC32DC0D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjnRYWVnWaSTbQS&gdpr=0&gdpr_consent=
Frame ID: 018BBB8CB14516584D1D8FDA3B3F527F
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 8B2F2EE7C348045B369BB9B48F2B6589
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 79686C480C620ADADD9830B8C458A276
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 06EC21CB26F18102F9342C525587D489
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1699211420
Frame ID: 7E2E284647A64735EA2D18255BC2A0C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: CCBDB4222F79F781CA5FA9AE98F5D1EF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: 28A3866326698CF4E0B542DBE82D6ACD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Frame ID: D563218B430C943D3B66F1A4FC58EF26
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

新化警1日破2竊案 新化警友會頒獎表揚 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

628
Requests

80 %
HTTPS

25 %
IPv6

131
Domains

214
Subdomains

131
IPs

18
Countries

7203 kB
Transfer

21510 kB
Size

216
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 145
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=f42ebbe5-cd2b-4b2e-965a-f939dfd707ec&p_id=23
Request Chain 146
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=812592df-482f-48ec-a7c3-7e740bda025f&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=812592df-482f-48ec-a7c3-7e740bda025f&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-5217734882795353768 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=0152d61b-5cba-5235-b79b-c321d2dcabbd&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&p_id=15
Request Chain 159
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 160
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOLB3IFW-1C-2D87 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOLB3IFW-1C-2D87 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 234
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y1IxFxW1R56vYHxvL1l8fg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y1IxFxW1R56vYHxvL1l8fg
Request Chain 235
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4oxOSTm8Q_62s51iTjir1A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4oxOSTm8Q_62s51iTjir1A
Request Chain 236
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTg4OTE4ZWIxZDM0ZmZjOWU5YjE5Yzk4MDlmNTE2NDU1NWU2YjI3Zg
Request Chain 238
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9MQjNJRlctMUMtMkQ4Nw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHjZXSwWdEauZDAXzHLwvx8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9MQjNJRlctMUMtMkQ4Nw==&google_push=
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECOkNIR2aWCfOlRXOILOAYE&google_cver=1
Request Chain 240
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOLB3IFW-1C-2D87
Request Chain 241
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PUaet4o300Wx4qiUXek-Hcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R.SYbNtE2oIkwBe3RFFq9XFjuDZqB0FK9KlZ3g--~A
Request Chain 242
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYHE7KjtEAABi-8U8OSA&expires=30
Request Chain 243
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOLB3IFW-1C-2D87
Request Chain 244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOLB3IFW-1C-2D87
Request Chain 245
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87
Request Chain 246
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOLB3IFW-1C-2D87
Request Chain 247
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 248
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=45d183f6-784b-4200-92b5-c2dd62722804&expires=30
Request Chain 249
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOLB3IFW-1C-2D87
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEADsvmaILxyxxQ7demb3piM&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEADsvmaILxyxxQ7demb3piM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=3f32daf882ff0df953c51198072a273e&uid=3f32daf882ff0df953c51198072a273e&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1&C=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUdonnUBhaXLGOaTV5j8PwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIXDOuIZs84Qj8rjfNYEIXY&google_cver=1
Request Chain 322
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNTU5NDE3OTY2NDcxOTM1
Request Chain 328
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1699178654908 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx
Request Chain 330
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1699178654908 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=4db5e908-fa87-402c-80d0-db8dc049adaf&gdpr=0
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/teads/f6e093ab-4ea6-40df-83d5-94a87750e8e1?gdpr=0&_t=1699178654908 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-sGmb_LJE2oTSHlI8GqYQ9mVPfs9slIxZ9L4-~A
Request Chain 334
  • https://idsync.rlcdn.com/474599.gif?partner_uid=f6e093ab-4ea6-40df-83d5-94a87750e8e1_ch&_t=1699178654908 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJ2Y2ZTA5M2FiLTRlYTYtNDBkZi04M2Q1LTk0YTg3NzUwZThlMV9jaBAAGg0In9GdqgYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENogwEwHiD-3UkzeA1h7Cpc&google_cver=1
Request Chain 337
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1699178654908 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=f6e093ab-4ea6-40df-83d5-94a87750e8e1
Request Chain 338
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1699178654908 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 345
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 365
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=x3JSVMd_XwDccVFaw3VLU8cmUVXcJgIFl3NXDBSK
Request Chain 366
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4365169368219957760
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeEio8JEK0WJuseg2XSeZw&google_cver=1
Request Chain 382
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=560559417966471935
Request Chain 388
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HmtcqRZHKKxQCNToSiG04FzE
Request Chain 390
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699178655585 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3196418144 HTTP 302
  • https://sync.1rx.io/usersync/turn/4470852050763024163?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
Request Chain 391
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433830802584029
Request Chain 392
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=ee84a77e-fd3b-4db3-be70-13cc9f522369
Request Chain 393
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
Request Chain 395
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAh8SOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=31&buyeruid=cc0176d1-73d9-45a1-8cfb-4e8656e422ad&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAh8SOAE=&gdpr=&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAh8SOAI= HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=b98c64b4-2318-4e71-ac8e-78d7b159c759&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAh8SOAI= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
Request Chain 398
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 408
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2c2c3258a0594f498d5db7e54094b2f3 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4110564080573384483 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d12ef3ac-66ad-4b52-9145-5ccc59f92f97 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85a87c%253A1699178656.653733%26_%3D1699178656.8619092&cb=1699178656.8619678 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830802584029&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85a87c%253A1699178656.653733%26_%3D1699178656.8619092 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&_=1699178656.8619092 HTTP 307
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEGqroRpiC2vvXA3F3Vz6U4o&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGqroRpiC2vvXA3F3Vz6U4o&action=GET_ID&etid=&domid=1052 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=560559417966471935&opid=apx&ops=&utidl=tech:goo:CAESEGqroRpiC2vvXA3F3Vz6U4o&action=GET_ID&etid=&domid=1052 HTTP 303
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52943064419
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB1d2VUT6SM3aANh6KDmFp8&google_cver=1
Request Chain 411
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714903455&external_user_id=05eced64-5c38-459c-915a-1c5b8cf23521
Request Chain 412
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Request Chain 413
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=560559417966471935
Request Chain 414
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699b21352ab2w1xez00lolb3mgv
Request Chain 416
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d12ef3ac66ad4b5291455ccc59f92f97 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d12ef3ac-66ad-4b52-9145-5ccc59f92f97 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85a87c%253A1699178656.653733%26_%3D1699178656.6580637&cb=1699178656.6580966 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830802584029&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85a87c%253A1699178656.653733%26_%3D1699178656.6580637 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&_=1699178656.6580637 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=560559417966471935
Request Chain 418
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=efqjL3n3rnti-aAhff26KHmuoC5irvN-Kfs1hvYT
Request Chain 420
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=921275781204401352&gdpr=0&gdpr_consent=
Request Chain 421
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4110564080573384483
Request Chain 422
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYHE7KjtEAABi-8U8OSA&expiration=1700388255
Request Chain 423
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Request Chain 426
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 427
  • https://um.simpli.fi/gp_match?google_gid=CAESEPAPuLd5wJxXsXQa6y_EgXg&google_cver=1&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT6DwJUoG7e0yXT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A733B80763334980A73B8DC23A3A4730&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT6DwJUoG7e0yXT
Request Chain 428
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSajGVVg7q3wAaXcGsSycGYDGPf2ReeXb4dWo5rNlZ-BAJ4wDJsxh1KHCvMDemmxCWFFyIvhcYh9tVG2TlZTPUCKaI8IWHG&google_gid=CAESECHaAG6lPSJYbaLhRfJsUkY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Spo-U8phM_zx72OuPtlBx4yMk-MTI_htdnsYAg&google_push=AXcoOmSajGVVg7q3wAaXcGsSycGYDGPf2ReeXb4dWo5rNlZ-BAJ4wDJsxh1KHCvMDemmxCWFFyIvhcYh9tVG2TlZTPUCKaI8IWHG
Request Chain 429
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEUn-wVcEO_xDQ9cZHAPW0c&google_cver=1&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8&google_hm=rCZ8TR4vhYG0OKmkGZfM1A==
Request Chain 430
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELndfQ2agZw0Ga1bZDCWZd8&google_cver=1&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELndfQ2agZw0Ga1bZDCWZd8&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o&google_hm=N2VzYVF0X1JVYjQtTUhNcldweVk=
Request Chain 431
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGBX-ytYY4z_K_M4o6T20aM&google_cver=1&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk3Zpi2Q7uAed9yt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1S6dFtTSV3lGVnbORI-b58POaYM&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk3Zpi2Q7uAed9yt
Request Chain 432
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yGXQ6q5AwMFyadR82w%26google_hm%3D%5BUID%5D&google_gid=CAESEIYN-pOk1Vw8U-OUypSVOcY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yGXQ6q5AwMFyadR82w&google_hm=b98c64b4-2318-4e71-ac8e-78d7b159c759
Request Chain 438
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=560559417966471935
Request Chain 439
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5d08d8d6-4b6d-427f-ae3e-d81152dc9be0&expires=1&user_group=2&ssp=gumgum2&bsw_param=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 440
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=844d5201-9fbc-04f9-3537-f5fe02def728
Request Chain 441
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Request Chain 442
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-lQB.V8NE2pcX1HCeRs2JJgHne6FMsNY_fBen~A
Request Chain 443
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=45d183f6-784b-4200-92b5-c2dd62722804
Request Chain 445
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=7esaQt_RUb4-MHMrWpyY&gdpr=0&us_privacy=1---
Request Chain 446
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=9NxgOBg7r0Qm&ev=1&pid=558355
Request Chain 447
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=921275781204401352
Request Chain 454
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTIxMjc1NzgxMjA0NDAxMzUy&gdpr=0&gdpr_consent=
Request Chain 455
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=smartadserver&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=
Request Chain 456
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=R7hkmEe1acxcu2eWQ799n0fsZ5lc7DTJF7nhqT-K
Request Chain 457
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=cef7bce670
Request Chain 461
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4365169368219957760&gdpr=0&gdpr_consent=
Request Chain 466
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 467
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Request Chain 468
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=ea291475-c83b-03fb-2ad4-fce48a8d7c8b
Request Chain 469
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUdonnUBhaXLGOaTV5j8PwAA%263211
Request Chain 470
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1159291947775073476968
Request Chain 472
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=38457c9cfb3787ed3baab49d3aeac213
Request Chain 478
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUdooMCo5r8AAAiukZQAAAAA
Request Chain 479
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=KXWhMQCskTN1IeTZXbCj&pi=gumgum&tc=1
Request Chain 480
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 486
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 493
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOLB3IFW-1C-2D87 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOLB3IFW-1C-2D87
Request Chain 499
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Request Chain 501
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 503
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
Request Chain 504
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=560559417966471935&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Request Chain 505
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7297916757596240012&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 506
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a3b5a9c6-d4b8-44a8-bbfa-cbec1a1b4341&bsw_param=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 507
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 508
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 509
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWUhFN0tqdEVBQUJpLThVOE9TQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADYHE7KjtEAABi-8U8OSA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=921275781204401352&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADYHE7KjtEAABi-8U8OSA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D921275781204401352%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=921275781204401352&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADYHE7KjtEAABi-8U8OSA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYHE7KjtEAABi-8U8OSA&gdpr=0&gdpr_consent=
Request Chain 510
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUdooAABdUVErQAU
Request Chain 511
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU82cbf16a609a4c99aac7f0bc5e1bf659
Request Chain 512
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 515
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1829029783605596279
Request Chain 516
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830802584029 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Request Chain 520
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pa6VQtCnTvqD4vT1M5O0eA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 521
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=&ct=y
Request Chain 522
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3251483107
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0RBRTk1NDItRDBBNy00RUZBLTgzRTItRjRGNTMzOTNCNDc4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECDAPQLEbCaUhVyYsvz-bYE&google_cver=1
Request Chain 527
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4365169368219957760
Request Chain 529
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-82uId8NE2uUAiA0pUMoYd7rnQFQYegA-~A&gdpr=0
Request Chain 531
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348&gdpr=0&gdpr_consent=
Request Chain 532
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4110564080573384483&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 533
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=46a80c7622201718&is_secure=true&networkId=17100&version=1&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIylCUMD5tWQMMaTuOAAAAAAA&expiration=1699265056&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 534
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3528f569-b71b-446d-a58f-7275e2f3f0cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Request Chain 536
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7248575707
Request Chain 538
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/0152d61b-5cba-5235-b79b-c321d2dcabbd
Request Chain 542
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
Request Chain 543
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4365169368219957760
Request Chain 545
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=4WvksV8lMkY1WXE0eWtaNDVMd3A1cXJyT2lNJTJCVnc3cGNkYTU3dVR0UElySTd0VTNLVmdCdEgwa290aGVCSVcxZUglMkZFejB3TWklMkZhY1BDdSUyRndNRUhSVlIlMkJVTkx2aE54WW9HaHo1ZVBEbExST0dQU0lhZTVTaEp5ZjVjRyUyQlF4b05Ra3ZJWFFFRWklMkZ0RFQ3Q1klMkJyRWYxdkVEU3JwQ3dydWxuakw0UVl5Q3M3YiUyQiUyRlY1JTJCdFFwWXlzMG5aRlQzeXViMmVOZjU4ZDU&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k--m4Wu8phM_zx72OuPtlBx4yMk-NSDiVuYKZTLg HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k--m4Wu8phM_zx72OuPtlBx4yMk-NSDiVuYKZTLg&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=330265bf-f52f-44ea-a3cf-f9ea286f4b9c
Request Chain 548
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/78799c6a3124dbcab4ae5cebb5a35181?gdpr_consent=&gdpr=0
Request Chain 549
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=560559417966471935 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 550
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=78799c6a3124dbcab4ae5cebb5a35181&gdpr_consent=&gdpr=0
Request Chain 559
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOLB3IFW-1C-2D87 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOLB3IFW-1C-2D87
Request Chain 615
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=58ce9345e40871d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVSjnRYWVnWaSTbQS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=421c10bcb05aa53a9e3b61722457b34&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DuroLIz3lVSjnRYWVnWaSTbQS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjnRYWVnWaSTbQS&gdpr=0&gdpr_consent=
Request Chain 618
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A733B80763334980A73B8DC23A3A4730&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 619
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1699211420
Request Chain 622
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 623
  • https://pixel.onaudience.com/?partner=214&mapped=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

628 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
www.bg3.co/a/
59 KB
17 KB
Document
General
Full URL
https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a01c1a0c3ac98e1605b87f957a8d4704c409ae915a5dca0c02ee9ddb92ea5334

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:07 GMT
etag
"ecde-SrndwtY4Mh9e4TgoNh1H8YR8cNA"
expires
Sun, 05 Nov 2023 10:05:07 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 10:04:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 10:04:08 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 10:04:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9636
x-xss-protection
0
server
sffe
etag
"cd39d6f814bcf243"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 10:04:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8361799fe0baa827e7187e37022faee3802c35c3a569acb24555da83c5722b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31078
x-xss-protection
0
server
cafe
etag
25 / 19666 / m202310310101 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:08 GMT
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbab2479973e41534f5b41558f9dc51b9a9d4606f727208c556f02b46dab3316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 10:04:08 GMT
counter.js
www.statcounter.com/counter/
40 KB
15 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 18:38:23 GMT
server
cloudflare
age
24753
etag
W/"6543ec9f-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
82144556984c3836-FRA
expires
Sun, 05 Nov 2023 15:11:35 GMT
adRecover.js
delivery.adrecover.com/43519/
39 KB
11 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Nov 2023 11:04:08 GMT
date
Sun, 05 Nov 2023 10:03:22 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Sun, 05 Nov 2023 06:59:47 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/
733 KB
152 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
b0fbfcf740e15efb06f5675cde2f71ecc0fdf90a23bfc51e3b3ce4701576b475

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 05 Nov 2023 10:04:08 GMT
content-encoding
br
age
102445
x-cache
HIT
x-client-device
desktop
content-length
155144
x-ap-device
DESKTOP
last-modified
Sat, 04 Nov 2023 02:25:30 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Sun, 05 Nov 2023 11:04:08 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/
574 KB
55 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b9322bf9955f51cf240a74a3a07a68061e75f9b752def4897df85d4dfcb8597

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tFWw6W8sYF8H1PqqmuRzJjDcEmH_tsYy
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:08 GMT
x-amz-request-id
N8PMASQNMPE74CN5
age
43
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55395
x-amz-id-2
afLamw/XiF9cJSRCyB68M3iRPhH6tndjGtvqasHh0roAiGsehNtXk7UHoJQwv8expKO/3nRGO+Q=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 12:15:33 GMT
server
AmazonS3
x-timer
S1699178648.108813,VS0,VE1
etag
"79daee17ae90e05a7141040e4370d4bc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9578
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuioU1%2FCZl9m9OGi29%2FWWinZzwdHTswZWXjSx5lkh4aMZE%2FCH1qGBaEvMdKOY8L06JAs5HbZBsryAWXCQkmC4VRFbsVBINYXGMZ5am3DGCF%2B2cfqAjiWr39nMmzKtxbZqEknj8F5bAkKEzk8Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82144560fe99bc01-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
t.php
c.statcounter.com/
192 B
566 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=D5434AEC408A4FF3E79AB657FBFAFEF5&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&t=%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E3%80%80%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2410&sc_rum_e_e=2483&sc_rum_f_s=0&sc_rum_f_e=2406&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
82144557a94f3836-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
89c79dc706cdb76518c75a4ecb0fb9e7.jpg
static.bg3.co/imgs/202310/
0
0

13e41329af74c7e197cc1818b765dd0e.jpg
static.bg3.co/imgs/202309/
0
0

47333c298b41676b43aac7953f4f50fb.jpg
static.bg3.co/imgs/202106/
0
0

09562f02bfa71be0bbbdfc6faa4b19ee.jpg
static.bg3.co/imgs/202105/
0
0

9c0420e74a6c51db3bdf57c58d58e4d9.jpg
static.bg3.co/imgs/202309/
0
0

7924dd80333f17e34cf02772985bc73f.jpg
static.bg3.co/imgs/202309/
0
0

86a9fab4527501eb0cdd4b46c954e9a6.jpg
static.bg3.co/imgs/202106/
0
0

033dac8d8fc804c3d24fdd8bb3380935.jpg
static.bg3.co/imgs/202105/
0
0

e64dcf78da48ba90042d3b56bfaa97af.jpg
static.bg3.co/imgs/202106/
0
0

bc407da50850f997c8fffbf808a584d4.jpg
static.bg3.co/imgs/202106/
0
0

21369f91b1c1d9d5547eb1ace1182ab1.jpg
static.bg3.co/imgs/202106/
0
0

a054d18274a07a9ed5ad0b3615140588.jpg
static.bg3.co/imgs/202203/
0
0

0cf953a8e7d62c3e3e201a930d63af33.jpg
static.bg3.co/imgs/202105/
0
0

68943cd6b2c528e904c8b02d69ff02d4.jpg
static.bg3.co/imgs/202309/
0
0

f5d987e5433ee8797f0152bfbb18743c.jpg
static.bg3.co/imgs/202105/
0
0

6ada7ff64c475be3de41cda3ac1dbe0c.jpg
static.bg3.co/imgs/202106/
0
0

467a4a215f3b32ed302e1f1100f7fe0e.jpg
static.bg3.co/imgs/202105/
0
0

a78ed149813521ba82d80c4ca2bea50e.jpg
static.bg3.co/imgs/202106/
0
0

5ab2ac923bc25962d5052c507f494aab.jpg
static.bg3.co/imgs/202310/
0
0

db87adaa44ab8235a75f71d918d5cf33.jpg
static.bg3.co/imgs/202106/
0
0

d2ee3a3b9dbb8105f57623684dcd528a.jpg
static.bg3.co/imgs/202105/
0
0

95a2bc9c7772e73ef625ddab78d90e7b.jpg
static.bg3.co/imgs/202106/
0
0

6d846d2bfbf92341a77538333d1ea717.jpg
static.bg3.co/imgs/202309/
0
0

875c737c7e5a268b3077bec865e33cd4.jpg
static.bg3.co/imgs/202105/
0
0

amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:09 GMT
age
402479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:09 GMT
age
402479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/
425 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
57042
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 03 Nov 2024 18:13:26 GMT
impl.20231102-5-RELEASE.js
cdn.taboola.com/libtrc/
816 KB
169 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c6d2c15417ece5810ab49b0733446e929b26927dbac35048bb190f2b66c7a31c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wrDy.6GHMPq9jWSxsFcy..8q5a_CWg0N
content-encoding
br
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:08 GMT
x-amz-request-id
0RGV9GANY66JPMAC
age
27786
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172939
x-amz-id-2
nyYsIK4J7v4uzvNT0ZwiZw3f28zUX2YXmfNMS/Rl5iuGgQ6HY7tkUfbBwdJbIuUEBQrbb6HS1Yg=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:44 GMT
server
AmazonS3-br
x-timer
S1699178649.863067,VS0,VE0
etag
"881017214fa5e056e755814aa025b7b3"
vary
Accept-Encoding
content-type
application/javascript
abp
66
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
68309
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b11v9102959953&_p=1699178647983&gcd=11l1l1l1l1&cid=1267633721.1699178649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699178649&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E3%80%80%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3428
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3940549
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699178650.760708,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 897713
jquery-2.2.2.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4376445
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699178650.760709,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 17570
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
197008
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/
40 KB
9 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A04%3A09.365&lti=deflated&data=%7B%22id%22%3A834%2C%22ii%22%3A%22%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698927321915%2C%22vi%22%3A1699178649362%2C%22cv%22%3A%2220231102-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html%22%2C%22vpi%22%3A%22%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3481%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1925.96875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef203c17cf99e14a52f412a713a664a344e4b68c351f0bc2fa37c0e2766fc36e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
357
date
Sun, 05 Nov 2023 10:04:09 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.1341666666666665
x-fastly-to-nlb-rtt
59222
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230067-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1699178649.388974,VS0,VE357
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=965832866439023&correlator=2900738915584113&eid=44807410&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1699178649465&lmt=1699178649&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1267633721.1699178649&ga_sid=1699178649&ga_hid=605714203&ga_fc=true&dlt=1699178647876&idt=1519&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb7c0762076b1acb4735d1a49bfa0c8d5dce7f8f0fb90c58309c7ceff0de73e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12773
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 352A
6 KB
3 KB
Document
General
Full URL
https://de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:09 GMT
expires
Mon, 04 Nov 2024 10:04:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
floating-unit.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02aef444d225d88a60f9bbb70f190757efd61304171291003c73df554bfadcce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rJBj7r3aGOmnh9rdJ.PQq.kv31RrnXMV
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
VHH7E00XBWX2388W
age
258177
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
F1hx2ElDoQy4ajohb8m3R77tegf815+p0UagAgiYHAMGUZXzgxsO+jutzk52k8Uwi+b1Cw9s7YM=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:59 GMT
server
AmazonS3
x-timer
S1699178650.805144,VS0,VE0
etag
"b4559913b4b33779e784cf78bc64803e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
50029
taboola-vignette-new-scanning.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
27 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6284df0f00bd4a37b7e380df638c5c0457a83d28a52001baab667eaecfe17f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yYOLwAYB0rw30DMRiwJv2htrBJNIJkrt
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
RTTMDKDVQH10KS1Z
age
258042
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
b0q5qpHQdylJOKeU0TQ7mp4Av+l78wA8i18Hy+xJM/dHv7hvK3xaMYb4BI/xBJfSLCZgOZA3r9A=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:40 GMT
server
AmazonS3
x-timer
S1699178650.806804,VS0,VE0
etag
"c7b10b42b5653223470e984a34e2d477"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
37497
distance-from-article.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1976b2ad90c95b61cd1a449f6992d2c2908f337a462d2015f1c77aabded22705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Q4nPZ1Vsr1DZaknG1M2kxDhmiL6aHyQB
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
KBP5KQ9ESNTHNT60
age
258182
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
UNwV7jMo/uGA8RGHTLdTP9ChO3egNNgrzMRqFpy0r+Zlsa59XotE4TmokdB+fyT/EY3ksBpUos8=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:13:09 GMT
server
AmazonS3
x-timer
S1699178650.844407,VS0,VE0
etag
"ce1c5235fb33d6ac81096f98bf8f41d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
536686
article-detection.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75142c35f7c00a41c4f722667770f7eda135d815f970b5e6be8de87095ea12f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cld8mb4sNxuGvc7o3N5Gp0OiXn67hxmI
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
KBPEH81XDRXXA4V1
age
258182
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
vDu+Jfr6oSZGQTGk6MIURb4+5Qf/2CMUb3Onb5yK0k0JZIU2q9OO9j5/Xg91+C92V1seUFR8/kM=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:13:16 GMT
server
AmazonS3
x-timer
S1699178650.844576,VS0,VE0
etag
"97186553f83167d1af6b074dbef424b2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
535864
tb
15.taboola.com/
30 KB
9 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&encoded=1&uid=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1699178649841&tagid=&cntry=CH&platform=1&sesid=fd568ebc3812c2bc2360d38de98979b2&itemid=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&viewid=1699178649362&geolat=&geoing=&deviceifa=&appid=&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ri=62c4ba0bf696e0b4b5e47b2b4928be74&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=VD&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=13497
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
897d1bbe14a316d047465b8c298c5a05fc624df549e25012cf2e3626b2a0a146

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:09 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1450
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
server
nginx
x-timer
S1699178650.858712,VS0,VE33
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23106e7c3c425ac991acdeb26c55eced3a41e8e439c65f794ef3fac7b1a5fe1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8ScQxE5jmxIfPawgNFDkv9nBXShHCw8b
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
D1V5053552DWTY00
age
258186
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
pCcuhUDPVRJeOuSgo+uqbNKG/RZJKf2Q5vHiTTNkDE25lcDhWEMJeMmi6Xa2b+TWdA+Y0E0pS3c=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:13:04 GMT
server
AmazonS3
x-timer
S1699178650.861065,VS0,VE0
etag
"4f8cee22ab16cd8c964b1296c28d5408"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
469809
userx.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
207b5d5af193855b0b3c7068a3ec3f7b4a0594f18eec78d7a9c5a2f79c51b4ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
m.gzQ89G.tLhr4O5GAMMB2EbQ82A9SI.
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
TH9J5E9WJ532FV83
age
258187
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
5jepYxIeVE0pWxGPCJ1xl6raaav6fcWOVhNMjGHqsryRZ8ztkwSrD6gI4THRNqBfgBtA2gHsBYM=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:37 GMT
server
AmazonS3
x-timer
S1699178650.867536,VS0,VE0
etag
"ca1ef71d1f82df4e5a0623b12689695c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
113578
explore-more.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
26 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7aa6b6e9a3bb07a6e7a1b473023f32f86b2b8672e3af6ef299d980882cc859a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gcLotEmTDkTFeD.3ks3kOBzh4JSjLk9p
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
EFAK08XHCEYJ9K6R
age
258164
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
FUeUTh6+xIMaKFykTNDdltx0M5TbwghpWTCw3YThrw8LoE93CiE9jejEAhoxrAkXuhTunHMl/00=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:13:06 GMT
server
AmazonS3
x-timer
S1699178650.895399,VS0,VE0
etag
"fe17033fa4e142de49847aa185754e17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
248176
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A04%3A09.790&id=6889&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1699178649794%7D&tim=11%3A04%3A09.794&id=3166&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1699178649816%7D&tim=11%3A04%3A09.816&id=668&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A04%3A09.883&id=9523&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A09.891&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9040&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72610
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A09.894&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6499&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72610
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A09.899&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2651&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71788
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A09.901&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2574&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71788
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A09.914&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4159&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71788
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:09 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
66
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1699178650.934132,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
81
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
111
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
66 KB
66 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2b6fc91ad20e2d027577681a0afb290e1c341429fc4dadd30565bab7d9b541d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
2878403
edge-cache-tag
500629582064787076250330989933903002781,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
829
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://buergergeld-zahlung.de/bekommen-rentner-im-juli-300-euro-inflationsausgleich-vom-staat/
content-length
67234
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100047-IAD, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230067-FRA
last-modified
Fri, 22 Sep 2023 07:45:01 GMT
server
nginx
surrogate-reporting
width=1066,height=800,bytes=76122,owidth=1200,oheight=800,obytes=1094111
x-timer
S1699178650.090087,VS0,VE2
etag
"c66bc4d6f8b3631f0118024b4d080e4c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 16, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
29 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa0cd43fbef91e806c18c731d15b61f086cedd25af360cc5f28c74b1fd9301c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
1374571
edge-cache-tag
500629582064787076250330989933903002781,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
195
expiration
expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
29726
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200118-IAD, cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200152-IAD, cache-fra-eddf8230067-FRA
last-modified
Thu, 24 Aug 2023 13:12:25 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1094111
x-timer
S1699178650.089540,VS0,VE3
etag
"4f265a7bf6a7e6eaeeef74a46111e00a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 482, 1
86574f591fba8b39df23e108d283f3eb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
15 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
age
7188782
edge-cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.welingelichtekringen.nl/
content-length
15838
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kiad7000111-IAD, cache-iad-kiad7000026-IAD, cache-fra-eddf8230067-FRA
last-modified
Fri, 04 Aug 2023 13:06:08 GMT
server
nginx
x-timer
S1699178650.093059,VS0,VE1
etag
"31b3e1f176fa992927126e5c2f0323fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3365, 1
1191511600__nIK9BZYg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
89f70125ee3333119eeae42a95a9f2fef92c9e5550969dd3583337323d53c98d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
age
1651981
edge-cache-tag
491039219223133264994354399708687091833,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
491039219223133264994354399708687091833,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
111
req-referer
https://www.ouest-france.fr/
content-length
15980
x-request-id
a0646c46f442f443c0b2c0a0a25f0cf3
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kiad7000029-IAD, cache-iad-kjyo7100098-IAD, cache-fra-eddf8230067-FRA
last-modified
Sat, 26 Aug 2023 01:03:05 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=23615,owidth=2121,oheight=1414,obytes=1897321
x-timer
S1699178650.093005,VS0,VE1
etag
"58767de5418e9abbaa9d02b8ab8855cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
37 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cca83685c5fbbe7646bd22e4defc30f704cf843fcc996e50c03d6ab602811e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2609165
edge-cache-tag
608330632766545199157274674631276038268,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
239
expiration
expiry-date="Fri, 06 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.realclearpolitics.com/
content-length
37416
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000056-IAD, cache-iad-kiad7000056-IAD, cache-ewr18170-EWR, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230067-FRA
last-modified
Tue, 05 Sep 2023 05:52:39 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1432845
x-timer
S1699178650.123265,VS0,VE0
etag
"5de4798bdf45603f638be230d5c64253"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 1, 2
96448949963314e54ab48f6cc6d6e9f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdd46c91676da96a36490fad39c3b9e07ccd5f03b9f859fcc8403f8a6f58607e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
age
4537258
edge-cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
203
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.terra.com.br/
content-length
9910
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kiad7000094-IAD, cache-sna10739-LGB, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 17 Jul 2023 12:54:24 GMT
server
nginx
x-timer
S1699178650.126969,VS0,VE1
etag
"c52b2157dde65da81522b236cecbd0d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 125, 1
9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be785b38a2722604221c19d58f113a383814627149afcabd6885552c629dfaf9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
age
5104055
edge-cache-tag
556877404517161492758024669259079863911,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
556877404517161492758024669259079863911,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
224
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/
content-length
4970
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kcgs7200087-IAD, cache-sna10731-LGB, cache-iad-kjyo7100061-IAD, cache-fra-eddf8230067-FRA
last-modified
Wed, 16 Aug 2023 07:02:16 GMT
server
nginx
x-timer
S1699178650.134195,VS0,VE1
etag
"4bbd3911138d3a93ae554a264253dfa4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 2, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
33 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
3449889
edge-cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
398
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
33296
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kcgs7200052-IAD, cache-sna10729-LGB, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230067-FRA
last-modified
Wed, 19 Jul 2023 11:47:45 GMT
server
nginx
x-timer
S1699178650.134339,VS0,VE0
etag
"e27c10776e8acb7d55ac3095f7ebf0b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 342, 10
1191511600__nIK9BZYg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
66 KB
67 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7319f99244a2c15adf4cf3b2f9b8106dcedf9a1d405dffed0044e611f7fedcf0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
age
700772
edge-cache-tag
491039219223133264994354399708687091833,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
491039219223133264994354399708687091833,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
751
req-referer
https://www.thehindu.com/
content-length
67384
x-request-id
33186b713eb8a127ff053226f44d00eb
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100082-IAD, cache-iad-kiad7000168-IAD, cache-iad-kjyo7100114-IAD, cache-fra-eddf8230067-FRA
last-modified
Sat, 28 Oct 2023 03:16:03 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=96938,owidth=2121,oheight=1414,obytes=1897321
x-timer
S1699178650.212368,VS0,VE88
etag
"75324b453b833410e4ee035a37308d10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 8, 0
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
41 KB
42 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cab3225bc5ad29cf87d85f4907379efb2fad2cc3fd78b64890accfc2d956606

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2878729
edge-cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
363
expiration
expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://omgifacts.com/
content-length
42430
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230067-FRA
last-modified
Thu, 20 Jul 2023 02:26:00 GMT
server
nginx
x-timer
S1699178650.215642,VS0,VE6
etag
"101d72a29a382bf99dc10bf3e7dd2e55"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 1
96448949963314e54ab48f6cc6d6e9f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca00ea1d95b0369e3fee0ae721bf9f172501a7052c1131036da7823a0a1830e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
age
4537259
edge-cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
192
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
21566
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kiad7000094-IAD, cache-lga21945-LGA, cache-iad-kjyo7100064-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 17 Jul 2023 12:54:24 GMT
server
nginx
x-timer
S1699178650.216210,VS0,VE1
etag
"c52b2157dde65da81522b236cecbd0d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 13, 1, 47, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 2D1A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxK-SLvz76MMYxuRSk_TsZt9P7jmid2vbY4TjPsrdAXL0kY3r26mnyj8gR_sGjd0Q88XCpoeLQaa__p-7adBhcJRNKunhHtcg0b70w6NUgLsrv6NYHHlc5EtNmvmr28RpfRVszvmla7tp_AHpM1Lyw1kApth4qLSxkDYuzjy6iy8qpjQssy6CX2HIBiR5ylSG90rOyEK4Cq7guwY_Clk3hmWHbAmQa7dZoNind7Mw6z8mGsH_Xa8GwM0KJSD5KsPaV0Yjt9JWN23PJTFJT3qK7SW1fKWps_WebrbM4Uy2o4f_4Umfbkw8t6_418Pwz-Cv_OA&sai=AMfl-YRw1FbQDtOlNPYYQOfClF2-79lMKx5Ntf3Tzf2uUrIiEBuHSvL3BCfp2vtLW8lGvdmpnZcHNZpmmv805hV8SY_KHOqihsms1eb6DtI7XngsyDhxwuJHsCRudOBHkCoAv2HG9OpDjheI0gIZRiDK&sig=Cg0ArKJSzD74fEinjX5AEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:10 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/
26 KB
8 KB
Script
General
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D1A
189 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:10 GMT
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
29 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa0cd43fbef91e806c18c731d15b61f086cedd25af360cc5f28c74b1fd9301c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
1374571
edge-cache-tag
500629582064787076250330989933903002781,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
195
expiration
expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
29726
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200118-IAD, cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200152-IAD, cache-fra-eddf8230067-FRA
last-modified
Thu, 24 Aug 2023 13:12:25 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1094111
x-timer
S1699178650.395193,VS0,VE0
etag
"4f265a7bf6a7e6eaeeef74a46111e00a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 482, 2
86574f591fba8b39df23e108d283f3eb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
15 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
age
7188782
edge-cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.welingelichtekringen.nl/
content-length
15838
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kiad7000111-IAD, cache-iad-kiad7000026-IAD, cache-fra-eddf8230067-FRA
last-modified
Fri, 04 Aug 2023 13:06:08 GMT
server
nginx
x-timer
S1699178650.396991,VS0,VE0
etag
"31b3e1f176fa992927126e5c2f0323fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3365, 2
1191511600__nIK9BZYg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
89f70125ee3333119eeae42a95a9f2fef92c9e5550969dd3583337323d53c98d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
age
1651981
edge-cache-tag
491039219223133264994354399708687091833,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
491039219223133264994354399708687091833,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
111
req-referer
https://www.ouest-france.fr/
content-length
15980
x-request-id
a0646c46f442f443c0b2c0a0a25f0cf3
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kiad7000029-IAD, cache-iad-kjyo7100098-IAD, cache-fra-eddf8230067-FRA
last-modified
Sat, 26 Aug 2023 01:03:05 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=23615,owidth=2121,oheight=1414,obytes=1897321
x-timer
S1699178650.398778,VS0,VE0
etag
"58767de5418e9abbaa9d02b8ab8855cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 2
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
37 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cca83685c5fbbe7646bd22e4defc30f704cf843fcc996e50c03d6ab602811e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2609165
edge-cache-tag
608330632766545199157274674631276038268,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
239
expiration
expiry-date="Fri, 06 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.realclearpolitics.com/
content-length
37416
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000056-IAD, cache-iad-kiad7000056-IAD, cache-ewr18170-EWR, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230067-FRA
last-modified
Tue, 05 Sep 2023 05:52:39 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1432845
x-timer
S1699178650.398990,VS0,VE0
etag
"5de4798bdf45603f638be230d5c64253"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 1, 3
96448949963314e54ab48f6cc6d6e9f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdd46c91676da96a36490fad39c3b9e07ccd5f03b9f859fcc8403f8a6f58607e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
age
4537258
edge-cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
203
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.terra.com.br/
content-length
9910
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kiad7000094-IAD, cache-sna10739-LGB, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 17 Jul 2023 12:54:24 GMT
server
nginx
x-timer
S1699178650.399983,VS0,VE0
etag
"c52b2157dde65da81522b236cecbd0d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 125, 2
9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be785b38a2722604221c19d58f113a383814627149afcabd6885552c629dfaf9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/9fb4dd02-05ca-434e-a05e-22b19a655d6b__q4entBjc.jpg
age
5104055
edge-cache-tag
556877404517161492758024669259079863911,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
556877404517161492758024669259079863911,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
224
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/
content-length
4970
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kcgs7200087-IAD, cache-sna10731-LGB, cache-iad-kjyo7100061-IAD, cache-fra-eddf8230067-FRA
last-modified
Wed, 16 Aug 2023 07:02:16 GMT
server
nginx
x-timer
S1699178650.400675,VS0,VE0
etag
"4bbd3911138d3a93ae554a264253dfa4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 2, 2
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
33 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
3449889
edge-cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
398
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
33296
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kcgs7200052-IAD, cache-sna10729-LGB, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230067-FRA
last-modified
Wed, 19 Jul 2023 11:47:45 GMT
server
nginx
x-timer
S1699178650.421694,VS0,VE0
etag
"e27c10776e8acb7d55ac3095f7ebf0b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 342, 11
1191511600__nIK9BZYg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
66 KB
67 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7319f99244a2c15adf4cf3b2f9b8106dcedf9a1d405dffed0044e611f7fedcf0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
age
700772
edge-cache-tag
491039219223133264994354399708687091833,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
491039219223133264994354399708687091833,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
751
req-referer
https://www.thehindu.com/
content-length
67384
x-request-id
33186b713eb8a127ff053226f44d00eb
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100082-IAD, cache-iad-kiad7000168-IAD, cache-iad-kjyo7100114-IAD, cache-fra-eddf8230067-FRA
last-modified
Sat, 28 Oct 2023 03:16:03 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=96938,owidth=2121,oheight=1414,obytes=1897321
x-timer
S1699178650.427504,VS0,VE0
etag
"75324b453b833410e4ee035a37308d10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 8, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
41 KB
42 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cab3225bc5ad29cf87d85f4907379efb2fad2cc3fd78b64890accfc2d956606

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2878729
edge-cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
363
expiration
expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://omgifacts.com/
content-length
42430
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230067-FRA
last-modified
Thu, 20 Jul 2023 02:26:00 GMT
server
nginx
x-timer
S1699178650.427859,VS0,VE0
etag
"101d72a29a382bf99dc10bf3e7dd2e55"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 2
96448949963314e54ab48f6cc6d6e9f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca00ea1d95b0369e3fee0ae721bf9f172501a7052c1131036da7823a0a1830e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
age
4537259
edge-cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
594210078550666227874131581905415109830,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
192
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
21566
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kiad7000094-IAD, cache-lga21945-LGA, cache-iad-kjyo7100064-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 17 Jul 2023 12:54:24 GMT
server
nginx
x-timer
S1699178650.433007,VS0,VE0
etag
"c52b2157dde65da81522b236cecbd0d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 13, 1, 47, 2
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
66 KB
66 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2b6fc91ad20e2d027577681a0afb290e1c341429fc4dadd30565bab7d9b541d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
2878403
edge-cache-tag
500629582064787076250330989933903002781,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
829
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://buergergeld-zahlung.de/bekommen-rentner-im-juli-300-euro-inflationsausgleich-vom-staat/
content-length
67234
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100047-IAD, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230067-FRA
last-modified
Fri, 22 Sep 2023 07:45:01 GMT
server
nginx
surrogate-reporting
width=1066,height=800,bytes=76122,owidth=1200,oheight=800,obytes=1094111
x-timer
S1699178650.433226,VS0,VE0
etag
"c66bc4d6f8b3631f0118024b4d080e4c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 16, 2
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/
437 KB
127 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
br
age
170428
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (ama/489A)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 10:04:10 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
309 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
br
age
7441472
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 10:04:10 GMT
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
253 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5f2c:97f4:e029:49be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/
75 KB
18 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
br
age
4473187
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 10:04:10 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTkxNzg2NTA0NjYsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=4714
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
365 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
654 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9878
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgfOfTlqfS%2F7kQpeUHaNuDCGghsH9BqeAxF8hVEH0dxTuBMz3x9koTJ3VROw7tWp3J4oQBS6g%2BUVibxHHwywfSEEoJOkEs297iLwYjsL%2FjxDYt8Qgae7qHsz3V77bSCopfEHCYMR%2B3m%2B0atDtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
821445664c00bc01-FRA
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
59c50c6bd34efe268453012b423d2f60933b261de950c7d0f26b79aff34a9b7d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:11 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.4/
130 KB
35 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
290557
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35015
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Thu, 02 Nov 2023 01:19:16 GMT
server
AmazonS3
x-timer
S1699178651.669296,VS0,VE0
etag
"b47108d5ce64f616cbca39ef75fd8496"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
O1l3Ixw_wY44bx8WXWnIRJ50Fvq8QXqwkxRLyBtdbXordIVQfBE_yg==
x-cache-hits
40558
next-up-widget.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff50c1a50cc8fc3493ed21f3cbf9fa572cce75af3baf98cb081bc6b5a0f61d22

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0t0Ww6wSvVNNylsnWLNrgi8i0lDT3Mny
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:10 GMT
x-amz-request-id
41JQCJJG0BGSVDXD
age
258177
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4622
x-amz-id-2
OGO+hvyvViduhvFOL1LbBvvNMe+7CadxTbo9k1Xrh/L78s5U+vc771ltDcR+lgpCf6HUg7UtKjk=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:55 GMT
server
AmazonS3
x-timer
S1699178651.627317,VS0,VE0
etag
"b380733a896440a5ecd531a4cc5702aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
48882
block.jpg
delivery.adrecover.com/
631 B
735 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1699178650653
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 04 Nov 2024 10:04:10 GMT
date
Sun, 05 Nov 2023 10:04:10 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
6908326
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
ad_request
ads.aralego.com/
564 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.24024301401324055&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
truncated
/ Frame 2D1A
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54b087a434e425d4cdc2be8d2283aebef89004cb28b4a32ecb5c2004f339bfa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2D1A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuly9faRG6JC1SceOAQz8VwyWZGFrNIcUANej2TQeXf6AB3a-oJu0V3MCgSTgNHZS9jDH_mcztmGRg4znD1-WGhLQgSDgyl64OaMWjnrVI8hn4E3pLHBQ_eL9FLoYWB1iWsHRZ6z6_yb-soHAUkfOUhJH2ZDS1C6zmOROBYEG0giPouP6BmGzR1vLlZvGVfY-zKftsSGPeK-UzpYF5Se3SfMZuHUOmBtFVe5S5dz1v9g869BXLMJKg_yzW2zCxUftb4m9DOe5kCMivYgNzKvsvtKbn1Tm53W2DkvlntXOYR7odMrZJCbCd9JN6mtojfSU4Jj-xj&sai=AMfl-YQWyabXXfj_sa4iqBSkYBPtPqJibs3EYE3v2P5_fA-RdNXdy5wi3D0v1MO7BrqBSVYQOFlPnoUb_Rc3dFNhIIOvPyS8njKADcp46hk3fP1PZSbQ8d7eEmdCbNUYWTWWPl1PZSE48wn_9JYEp88s&sig=Cg0ArKJSzE7iL3bhkbQ-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:10 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkxNzg2NTA3NDAsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4987.399993896484
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkxNzg2NTA3NDYsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4993.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTkxNzg2NTA3NDksInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4996.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/
47 KB
16 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=965832866439023&correlator=1056752306794873&eid=44807410&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&arp=1&abxe=1&dt=1699178650762&lmt=1699178650&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1267633721.1699178649&ga_sid=1699178649&ga_hid=605714203&ga_fc=true&dlt=1699178647876&idt=1519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0_pv%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_1%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_1%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9e7f6a7a84271db6eeb2d090d80879c37d382ec80324b3ed5c16fb50d8bb695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16215
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449822902
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/
39 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
57042
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
11733316767131186006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 03 Nov 2024 18:13:28 GMT
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2919%7D%22%2C%22eventTime%22%3A1699178650792%7D&tim=11%3A04%3A10.792&id=4776&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.171875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A04%3A10.837&id=4794&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A04%3A10.845&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1365&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
77849
css2
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 10:00:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 10:04:10 GMT
spa-detector.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1020 B
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f73ca3ca5aa08959a088d050b97134eaf9384499c9e354bc69b237404b03026

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H66Q7jPMtpcrGFGt6k3.1w1D_cBdvCGZ
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 Nov 2023 10:04:10 GMT
x-amz-request-id
1J2YWBRRVV3GQ648
age
258164
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
778
x-amz-id-2
ZxFShRvu65bki0p7i9emBRGItfbecm65mwcuW85+GJoxs1+LVajosSnAchrYIEMYzrblDoW6WFk=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Thu, 02 Nov 2023 10:12:49 GMT
server
AmazonS3
x-timer
S1699178651.867608,VS0,VE0
etag
"71b706780f839d0c2cf277ffdf220737"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
253685
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A04%3A10.846&id=5355&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1699178650848%7D&tim=11%3A04%3A10.848&id=2729&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A04%3A10.850&id=1664&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=13497&lti=deflated&ri=1087ad6034fd14a257a96ffabd2fb8ed&sd=v2_fd568ebc3812c2bc2360d38de98979b2_befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19_1699178649_1699178649_CNawjgYQ2YJdGJKuwve5MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19&pi=/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&wi=8229386465557034682&pt=text&vi=1699178649362&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1699178650851%7D&tim=11%3A04%3A10.851&id=8848&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
impress
ad.vidverto.io/delivery/
56 KB
20 KB
XHR
General
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&referrer=&async=1&uid=7845566276&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e4768b726957aec13a94dc337d235313091d234dd321066284ed2aac68d7e4ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTkxNzg2NTA3NDAsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5111
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 12 Nov 2023 10:04:11 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231105
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4618c73b3cda93073557b27a3b8abd09750e3d720b9dbfd999aa49e9a0d13f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21797
x-jsd-version
1.0.1864
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230041-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-Q/mYDhq873DCPDDzGNyalyoNhAQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBya%2BrwTeo3wnKHYZeh24ULoRfYre%2BPPT3yk2Wz0047iCmupYgn1YunEPOY3O6EOq2NRX8LNxc3otJ%2BFZu86MQvzRM%2BO2nkFtRJmxEdlIbDHyARNpP3RpVh99xdBtdkz3er4GinJ%2BidsEFwRdX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8214456a8f94997b-FRA
adreq
ads.servenobid.com/
592 B
669 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=6909
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e425f9ff85c29aa66c77eed5de0c1e8ab967ff55483a271f99822b7ec33fb418

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
36 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84533f107284efd70e7ce1c3e84a7f6cd17e843183a6cf170a7576ebf247f017

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjtUN9p%2FYC4YfXphAMKK1mLdg1GB9afDdzgu8S4Qv87dqDgnzCm%2FmM%2FvjdIJGeZ664xePJhzCcizCgDfFs1aXnmzjcaCuXkeYTb%2BucSRUKq4ixDhsC%2Ba3r0NBFCKOf1FXIWAA4J8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8214456b2acf4da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/
36 B
543 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84533f107284efd70e7ce1c3e84a7f6cd17e843183a6cf170a7576ebf247f017

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qywXcmBNocsyG1JEv%2FAwbXTl2mG%2FYDg09X6dj2kJagVYWropIXgnHdELMbug61ZLYpMEQBhqg0ZIpVfa2nN7%2FZnDKSEr7BjtlfekBv9X65yx2Mo1%2B70vljuT3B0xdo3eEkpSG12A"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8214456b2acd4da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/
1 KB
2 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
941a83f6ab9f7fc013beb8ff41121bde6843cd3e1fd5166cf17234b217238cb5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:10 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 10:04:11 GMT
auction
tlx.3lift.com/header/
19 B
636 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.226.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-226-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status
12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/
0
306 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8214456b2f8a367e-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/
24 B
361 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1da192498233c026ad16b776fa5bb5e49994b7b31e7b09146dca3d741944639

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 05 Nov 2023 10:04:11 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid-request
a.teads.tv/hb/
414 B
874 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be29e312c0205fde8e880cdb274f00258eed12e91a08cc1dbcbac24959891769

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
304
expires
Sun, 05 Nov 2023 10:04:11 GMT
c
prebid.a-mo.net/a/
0
273 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/
53 B
244 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3d313751e117a410553335b2a551ad3dfc1db923a463f34cebd67ee216ba4303

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
0
145 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid
ib.adnxs.com/ut/v3/
139 B
700 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4dd82df33f343d298fd238500198a5a720bffbb150f6a1a57448dee423faca0a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
an-x-request-uuid
1917fba3-0420-4ea4-8a4c-3aeec310518b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
467 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
328ceaba8d647e0e0f1b99568fa2a8669d575f7ffa502662cab1006a32cd2417

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
14 KB
7 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=c5872001-d71a-4247-8bce-0e7ca612a0c4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=eb20b267-b704-4252-8ebd-dc896e9fa32e&l_pb_bid_id=41cd346b0296539&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=eb20b267-b704-4252-8ebd-dc896e9fa32e&rp_maxbids=1&slots=1&rand=0.7303501632398108
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4eda9c477246f17f6191c65a4ccc13d0cdeff99c472a56f4cc1176eefb223f54

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/
15 B
406 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=6896722855&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:10 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/
3 B
518 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
17
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
onetag-sys.com/usync/ Frame F20B
2 KB
864 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/
363 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:11 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/
5 KB
2 KB
Script
General
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:11 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/
60 KB
13 KB
Script
General
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:11 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/
88 KB
23 KB
Script
General
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=b18b4a7ee1d44025bf02f5742d2c1f93
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 15:16:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65368e64-16141"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:11 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/
130 KB
41 KB
Script
General
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:11 GMT
prebid.js
ad.vidverto.io/js/achernar/
293 KB
98 KB
Script
General
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:11 GMT
invocation.min.css
ad.vidverto.io/vidverto/
3 KB
850 B
Stylesheet
General
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=f42ebbe5-cd2b-4b2e-965a-f939dfd707ec&p_id=23
0
151 B
Image
General
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=f42ebbe5-cd2b-4b2e-965a-f939dfd707ec&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=f42ebbe5-cd2b-4b2e-965a-f939dfd707ec&p_id=23
date
Sun, 05 Nov 2023 10:04:11 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=812592df-482f-48ec-a7c3-7e740bda025f&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=812592df-482f-48ec-a7c3-7e740bda025f&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=0152d61b-5cba-5235-b79b-c321d2dcabbd&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&p_id=15
0
155 B
Image
General
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&p_id=15
date
Sun, 05 Nov 2023 10:04:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/
900 B
1 KB
Image
General
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Sun, 12 Nov 2023 10:04:11 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/
0
318 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=13497&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
74
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59253
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
server
nginx
x-timer
S1699178651.328818,VS0,VE74
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c240d086c01646f9f5ce652d31e71aadb74564b68e64f57a583c8e1cfb170246

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
2792315
edge-cache-tag
500629582064787076250330989933903002781,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
89
req-referer
https://news.livedoor.com/
content-length
5682
x-request-id
d17805a10815dd60b1cc574c4287a969
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100100-IAD, cache-iad-kiad7000169-IAD, cache-lax10661-LGB, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230067-FRA
last-modified
Sat, 19 Aug 2023 13:57:46 GMT
server
nginx
x-timer
S1699178651.328752,VS0,VE1
etag
"2c06eb9fcf42f312df1716abc49de731"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 59, 1
1191511600__nIK9BZYg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
46f183df12f053ff00f72b2835d7c4f6b70d2596f4722df2f540b9403242fa22

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1191511600__nIK9BZYg.jpg
age
1613263
edge-cache-tag
491039219223133264994354399708687091833,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
491039219223133264994354399708687091833,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
62
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://viduppu.com/
content-length
3118
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200078-IAD, cache-iad-kjyo7100154-IAD, cache-iad-kiad7000046-IAD, cache-fra-eddf8230067-FRA
last-modified
Sun, 20 Aug 2023 15:38:50 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=2121,oheight=1414,obytes=1897321
x-timer
S1699178651.328731,VS0,VE1
etag
"ad4f0727802d4208dd3f8ee9ca0c07a3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 8, 1
96448949963314e54ab48f6cc6d6e9f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd9f1c20e604b9ea21c51b520475858e8b9abfb6987e2bd10db0e9c0d53d757b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/96448949963314e54ab48f6cc6d6e9f8.jpg
age
2854457
edge-cache-tag
594210078550666227874131581905415109830,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
594210078550666227874131581905415109830,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
500
req-referer
https://www.gamesplayer.it/news-videogiochi/giochi-playstation-su-mobile-aaa-in-arrivo.html
content-length
3682
x-request-id
60d1335435fe0346e05a4fcd7b779eb8
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kiad7000119-IAD, cache-iad-kcgs7200066-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 25 Sep 2023 10:52:58 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5351,owidth=1000,oheight=600,obytes=250157
x-timer
S1699178651.328739,VS0,VE6
etag
"898818ec8a346a096380f8c916fcb529"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 7, 1
st
imprammp.taboola.com/ Frame 6E5C
577 B
436 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=undefined&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8d793beb-e12c-4788-89d5-4c1a35531eef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24d760d81f93ca90bad80596aaac488d11b4e77863f29fcd17a2e7f21e9d7354

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 05 Nov 2023 10:04:11 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1699178651.471144,VS0,VE10
sync
am-match.taboola.com/ Frame 35FE
439 B
525 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
66ba7ae4c8bc5b8dbdd180a31e0748cdae29d91336cb494260a7d761b9a0e29e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 05 Nov 2023 10:04:11 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
700 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1699178651230&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=146687625&pt=-705475704&tz=60&viewable=true&ddast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fa8cc5864981df7c04184f215bb13c031ee928376bcc8b3406eaaf47180d23e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1473
x-cache
MISS
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
server
nginx
x-timer
S1699178651.471143,VS0,VE42
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=31589837&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1699178645753.7!ts:1699178651213&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-length
0
server
nginx
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
633 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 09:41:30 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1362
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
VSNypTqYqBXs4gctYgh1V2-LKVTdAZ82_EcV6WsvD4tYBLsWXlgTSQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 236B
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c060261c4e9eb931525fde154a4ec936270460a323bd9214a001384f87e46c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10262
x-xss-protection
0
server
cafe
etag
17875529785934587769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:11 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E2A6
714 B
785 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
4055
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8214456b2b829a3f-FRA
content-encoding
br
content-type
text/html
date
Sun, 05 Nov 2023 10:04:11 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcTJ4MA7QNFlhcs4%2FBCaL%2B1R%2BLEbDaLZu4yLXOWhIzYGcuRmCnFR6Sp0bAu2ayciPHHas5kOnmGmDAP9qp%2F68UCjpUtD4wvxUFhbXCx7yArBzbZNjaCNGfPil%2B8sU5AaV4FqA4r7bMBgORf3PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 912E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 05 Nov 2023 10:04:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Sun, 05 Nov 2023 10:04:11 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ Frame 60B9
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 08:52:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 10:04:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 60B9
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
50860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8796
x-xss-protection
0
server
cafe
etag
1225823381704108053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:56:31 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f0e87fb9519bcdf1cd40111e5ae3d2992e879ecf126517571371861d1e4abc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbWlJpCuT1XC6vj5jAu6uxLVKss8SdqXoLpEYP3Gytf8l1FbY5%2FkqmOQ4UofNU7mX0TV3v8GIe1fvbaPH5NlwwH4Fz9LjVJ4NS1Ppfs9LG8g%2BjyokdeotUa5B06y5OVxGWD6bQFP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8214456d8df44da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f0e87fb9519bcdf1cd40111e5ae3d2992e879ecf126517571371861d1e4abc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhfLT0rs4fRwkR9wy1HoqydRiWd2IidZ7%2BcOGNCKmcBcioWWCaTzUd4l%2BqwV9KVei5RknP7bRTm75lR0u5MxNpdXr3OwRvU2JvMDWJmgVPpEZuzEkFdVeo%2FIFQoy%2BtHDtWsq1NQU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8214456d8df74da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
315 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f0e87fb9519bcdf1cd40111e5ae3d2992e879ecf126517571371861d1e4abc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCT3nQQkwFyx7g%2FPvpwZ9nGyGhZeJ5EEj4io9Sfzt%2FX3VtmdlAyxdlvnL%2BKcYkDAyPbICC3QUSXb41IXDyUAQtBmosszNN3YF1O6O3GdrdC24AOFwwWSiQI%2BXkC3GJ4lH%2BHR9p7S"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8214456d8dfb4da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/
15 B
406 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid-request
a.teads.tv/hb/
16 B
611 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 05 Nov 2023 10:04:11 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
466 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
80b0eceb85e0b54c34ca4da4a2b11fa7e7efd11c9d7dbee2c6f93457c5c16ef1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
14 KB
7 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=c5872001-d71a-4247-8bce-0e7ca612a0c4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=4b750b87-2b54-44d9-9856-016f6fb9bf7a&l_pb_bid_id=64a6e0d65c584b2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4b750b87-2b54-44d9-9856-016f6fb9bf7a&rp_maxbids=1&slots=1&rand=0.5928762153325475
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aed23d753b8ace96398ddd3b0705b654e37a7d81cfbb4c5174ec04539dfcc0aa

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/
0
158 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/
3 B
517 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
22
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/
53 B
229 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
2155d4fa4db95a85d21ddfad33890834452ccccfa72d522489f51383cfa92910

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
0
41 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=6639490180&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/
1 KB
2 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
26b53d9ef9d03daa5efbd24bd334c7ec4b55876d6ab0ffa70e4c388f741f1fa1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
96
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 10:04:11 GMT
/
prebid.smilewanted.com/
0
35 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8214456daa30367e-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/
137 B
698 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
97b55d053bd210be0b239f66040b2178e861c97f48334298c0737f645dfb4828
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
an-x-request-uuid
6674a15e-0fbb-40e0-b2c5-00ecd6b37406
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/
24 B
361 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5dcb4b5b1691d778d9e2590060ea65d53a3b0acbbbc16f513e17f13075f78b03

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 05 Nov 2023 10:04:11 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
adreq
ads.servenobid.com/
592 B
656 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=7180
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
84b3099389d3f4a1bc1a5d94e8684fcfb7c09d279598ff2ed8fc555273e86230

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/
19 B
587 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.226.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-226-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E2A6
99 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70baee62d75487b471c75a1c02809ac4fea9eeb51eb20ca3f54d12c3f0a6d247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31192
x-xss-protection
0
server
cafe
etag
809 / 19666 / 31079372 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:11 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/144919_960/infra/
813 KB
132 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/144919_960/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
39e054b609a755b20fc55c8e0b18ff3cf15c2685219da978d96b6cbb4d696b4a

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698833110
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CN5ZMXW20VYPCCJJ
age
227444
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698833111
x-amz-meta-mode
33188
content-length
134881
x-amz-id-2
nUNM1g15Sr/3e18qAchH5K/HDLsz9yZH8IAlKarymXxzEkM6BlBzzwAGvMPOWMdwR5+/YDW45Xg=
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Wed, 01 Nov 2023 10:05:12 GMT
server
AmazonS3-br
x-timer
S1699178652.845262,VS0,VE0
etag
"351a7e039f190a4be2fa9454e6d4753b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12102
cmOsUnit.css
vidstat.taboola.com/vpaid/units/144919_960/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/144919_960/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698833128
date
Sun, 05 Nov 2023 10:04:11 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
J805VCPXQTCNT853
age
345244
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698833129
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
ScRC6p4ip5/0+J8ZOUTT95QPwmbd5K55s2kKr3YSqcWDGK+mnATzoMkQdZHkY69W1G2OnRxpRo4=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Wed, 01 Nov 2023 10:05:30 GMT
server
AmazonS3-br
x-timer
S1699178652.864937,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
27487
generic
match.adsrvr.org/track/cmf/ Frame 6E5C
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=undefined&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8d793beb-e12c-4788-89d5-4c1a35531eef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6E5C
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=undefined&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8d793beb-e12c-4788-89d5-4c1a35531eef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4taHVhLWppbmctMXJpLXBvLTJxaWUtYW4teGluLWh1YS1qaW5nLXlvdS1odWktYmFuLWppYW5nLWJpYW8teWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI4Mzc3MjdhYS1iMDhkLTQ0YjYtODczNy01Y2FmZWViNDlhNWYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk5MTc4NjUwOTUxLCJiaWRzIjpbeyJjcG0iOjAuMDUsImFkSWQiOiI4OTFhN2ZmYjFiYjNjNzEiLCJvcmlnaW5hbENwbSI6MC4wNSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjkzNCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkxNzg2NTE5MzB9LHsiY3BtIjowLjEsImFkSWQiOiI5MDRmMWU0MGNiYjcxMzciLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTAyMSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkxNzg2NTIwMDR9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjkwNGYxZTQwY2JiNzEzNyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=6255.799995422363
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:11 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 35FE
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 35FE
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 35FE
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a1550967.js
js.genieessp.com/t/550/967/ Frame 05D4
9 KB
4 KB
Script
General
Full URL
https://js.genieessp.com/t/550/967/a1550967.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:08:17 GMT
server
nginx
etag
W/"65016df1-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Sun, 05 Nov 2023 10:19:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05D4
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:12 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
745 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 05 Nov 2023 10:04:12 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
28596
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1699178652.059472,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
5
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8738
usync.js
eus.rubiconproject.com/ Frame 912E
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31167
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
usync.html
eus.rubiconproject.com/ Frame 7070
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=undefined&cb=1699178651213&uv=144919960&tms=1699178651213&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8d793beb-e12c-4788-89d5-4c1a35531eef&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:12 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=965832866439023&correlator=3925352630561866&eid=44807410&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&arp=1&abxe=1&dt=1699178652158&lmt=1699178652&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsnCy7SPeWV129gIVhsODZuOSFSZ5Y1PbrjSVh09T7x2jVlVzpqPIHCf46DG1tiT_rCUzStYYWM2gfWRt7JmYfA&ga_vid=1267633721.1699178649&ga_sid=1699178649&ga_hid=605714203&ga_fc=true&dlt=1699178647876&idt=1519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26refresh27Split%3Drefresh_control_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D904f1e40cbb7137%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_1%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_1%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba1e72fa21b154ee9095881e61112a411513758f51362824fc09ad3696b53b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12294
x-xss-protection
0
google-lineitem-id
5221339621
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440838545
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 236B
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e027999d370411b5437ccffa2ae698c793bc2a74ed2d7e3d1992ec9dab9dd1c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51996
x-xss-protection
0
server
cafe
etag
11517177225154946890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:12 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4taHVhLWppbmctMXJpLXBvLTJxaWUtYW4teGluLWh1YS1qaW5nLXlvdS1odWktYmFuLWppYW5nLWJpYW8teWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjAxYWFhNjc0LTE3NDAtNGNkYy05YzZlLTBlZDY0NGFmYTA5YiIsInRpbWVPZkF1Y3Rpb24iOjE2OTkxNzg2NTEwMzIsImJpZHMiOlt7ImNwbSI6MC4wNiwiYWRJZCI6IjkxMWE3YWE2NGNmMWZjZSIsIm9yaWdpbmFsQ3BtIjowLjA2LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNTk5OTk5OTk5OTk5OTk5OTUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjYwMiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTkxNzg2NTIyNzJ9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoicnViaWNvbiIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTExYTdhYTY0Y2YxZmNlIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:12 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pixel;r=162180691;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=162180691;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1567207863-1699178651251;pbc=c5872001-d71a-4247-8bce-0e7ca612a0c4;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1699178652394;tzo=-60;ogl=;ses=8f785aea-3b04-4dbf-ad04-c6c0f64bf855;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7070
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31167
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/
0
261 B
Fetch
General
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:12 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/
15 B
406 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/ Frame E2A6
425 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 12:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
76331
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136527
x-xss-protection
0
server
cafe
etag
6152360919581633401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 03 Nov 2024 12:52:01 GMT
khaos.json
token.rubiconproject.com/ Frame 912E
7 B
776 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=965832866439023&correlator=693282787065198&eid=44807410&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&arp=1&abxe=1&dt=1699178652779&lmt=1699178652&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsnCy7SPeWV129gIVhsODZuOSFSZ5Y1PbrjSVh09T7x2jVlVzpqPIHCf46DG1tiT_rCUzStYYWM2gfWRt7JmYfA&ga_vid=1267633721.1699178649&ga_sid=1699178649&ga_hid=605714203&ga_fc=true&dlt=1699178647876&idt=1519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.06%26hb_ap_adid%3D911a7aa64cf1fce%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_1%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_1%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6683a79368bab3435657192602ceba85a425c2c02a07b2e29d54a2f915cd17ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12314
x-xss-protection
0
google-lineitem-id
5221734842
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294149007
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2EveGluLWh1YS1qaW5nLTFyaS1wby0ycWllLWFuLXhpbi1odWEtamluZy15b3UtaHVpLWJhbi1qaWFuZy1iaWFvLXlhbmcuaHRtbA==.json
cdn.adpushup.com/42753/
555 B
245 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EveGluLWh1YS1qaW5nLTFyaS1wby0ycWllLWFuLXhpbi1odWEtamluZy15b3UtaHVpLWJhbi1qaWFuZy1iaWFvLXlhbmcuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 04 Nov 2024 10:04:13 GMT
date
Sun, 05 Nov 2023 10:03:26 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
content_v3.js
vidstat.taboola.com/
16 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/144919_960/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1741258
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1699178653.011130,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
243344
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v146687.625/
426 KB
81 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v146687.625/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/144919_960/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
28d55df292b191f09b9ed2b575d1030beb6d934d862d6b8b7a6cabefaec04e7b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698659332
date
Sun, 05 Nov 2023 10:04:13 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CY6GYYGNYWZVB24E
age
510509
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698659345
x-amz-meta-mode
33188
content-length
82076
x-amz-id-2
yprD5ADBP1OG6RRNFzyZIKV4ND+m408Ex2dWGjoEdo19C/969J6DcUr5i1GZYEqI9yDpj3d1sP4=
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Mon, 30 Oct 2023 09:49:06 GMT
server
AmazonS3-br
x-timer
S1699178653.033988,VS0,VE0
etag
"e7cbfba98e997c3d126719e2a10bc838"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
39750
sync
am-match.taboola.com/ Frame B16B
422 B
507 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/144919_960/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
755d91d9ebb6a309a2429ded5b65120b7d245d47e98a12fa22157f1cd4f4f575

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 05 Nov 2023 10:04:13 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&cmcv=&pix=31579697&cb=1699178653029&uv=144919960&tms=1699178653029&su=3&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-length
0
server
nginx
khaos.json
token.rubiconproject.com/ Frame 7070
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0F31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSkM5bTl5fx2zbXCNjY3K3iQP9Y0ieLqeidd4DyTNwDMBmZ2kF2A7w9CAwhTE7YpJBJdyOT2lz2akGxSsoSaibMtIqosQE5nsf3lxuA-vo1WwyOoUBtijmdk85kbf3c_1rx6sD8gk9SgzYVLFxo6y42dIzYI5S2AnefMiUmYmFx70IJhrdekZ92dwSqll56vjILe_JqN8RxI8bXRiyXU0MpWEz-uHpA6wlPPOQ6nlQTr-J-cYy8pf6X_ohtLZIkMgi04xZKVntUsOC6Ac9qyvQcxexeZ1M3S_4iRmFiO0b-IBpacU4RNM6wwZMJ34IQYpI8UGdfIe1554anVuyIKsUAiBO7POh&sai=AMfl-YTT18thqbs0Fwx0r6iq-Y1p4AZeSf4AnAR83funI1rI9Sdvn3bKha-QIvh3K6yRqURyu32qLFtmMIVg6Cvj6XaKMmj8phGI6bxLpnTwtcazQTHFbBMJ6vfgJRYRBGU&sig=Cg0ArKJSzKR9uSH9mNbVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
252 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5f2c:97f4:e029:49be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14
a.teads.tv/hb/ad/ Frame 0F31
4 KB
3 KB
Script
General
Full URL
https://a.teads.tv/hb/ad/eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6031758a273bf4cbb9e3600d0200c73235f0fd90939007ef7edb7eaa5f390bea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2431
expires
Sun, 05 Nov 2023 10:04:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F31
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:13 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4taHVhLWppbmctMXJpLXBvLTJxaWUtYW4teGluLWh1YS1qaW5nLXlvdS1odWktYmFuLWppYW5nLWJpYW8teWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsInJlc3BvbnNlVGltZSI6MTAyMSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDEsIndpbm5lckFkVW5pdElkIjoiOTA0ZjFlNDBjYmI3MTM3IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjgzNzcyN2FhLWIwOGQtNDRiNi04NzM3LTVjYWZlZWI0OWE1ZiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7343.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOLB3IFW-1C-2D87
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOLB3IFW-1C-2D87
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Sun, 05 Nov 2023 10:04:13 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 05 Nov 2023 10:04:13 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
3629998
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1699178653.172141,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
1125669
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ Frame 236B
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
330f7a02aa5131098a43f42ca0f19c8d1465a4ee1ef18f3326e9734c3f26f379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138211
x-xss-protection
0
server
cafe
etag
11847539621177649588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame C2F4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2283
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 09:26:10 GMT
etag
251720774729838433
expires
Sun, 19 Nov 2023 09:26:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame B16B
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B16B
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/befd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame B16B
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.98.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-98-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 0952
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur9oXdv2ee8-wJX6GuAM2hCprmJwGowePL76YInQFlmIx4Bwbz4NkURYO6jeUFq84Cl_VRQ3aHQM6tk-yKzCsUV9qSDMGgABC9HNcuOhGf6pK5oE3DlTGiOVsr-5pZqjnqyDdlie3z1JUsPyqrTl70evuKrGUnDTeNY5XOl0mL95xRTFOxIaz6XgCaj7xKLjcaRFNJyld-R2tfIuA5545RRlTZTkWaIhPI_d7crndUt93kLMI5h-4XmcZYu4NneE7XSXAG00oREzLT5hRLw8UvAFcgHsRA3kF8qx64FLQ49wwf631czkhqeZJxLf4j1z6DnfQT-9t4s9ATEEw_HL4CWV5zAXfA&sai=AMfl-YT72twMh07-gHxxoX8_yi2NNoZDH-ZzizxbTHPnPv71s8jeMunn-zKYhdWg7uba0Ss_FnY_SXsRfBL4NdVZpek3SOMuz9tZEbQ7G_7ihCpuT3eLNxBr7SrkWTOEYw0&sig=Cg0ArKJSzOvrlooED7VqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
252 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5f2c:97f4:e029:49be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3276
267 B
167 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNUqiwA_DAOZC7jiGPnI261KImyeKhp8XgoY7rKqWehGGEQPrYL5TN4_5__ZaPfX4g1xQRZMwdFaosul3ZpSgQZ-qaXmjA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0952
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:13 GMT
r62eglto.js
ad4m.at/ Frame 0952
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
455583
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1CiJAuscBD%2BW%2BQnoigdjAbxPKZfOZgi5GIZw6pkuh1%2F1riKm1cdg5nvch%2FmxXZp1n3s3qfXkYLyLX1m9S1R50fXuGUAtBF%2FktjF2UrWde5KDnQxiMWzFOrxZM2p4APofdggUQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
821445788a9d9b6e-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 31 Oct 2023 03:31:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0952
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzGfOhiLizwDoszV6KpfR-4DmfPSL_FBD83PeVf9DYSg-FsH7YLXfsyRsjsMS2onj1tUhgAJsFRA8xpyZuHHK0AoQ2AX_qZ0I91qZsdQlSICbg5MU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0952
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12384725412355742139&x=8&ct=77
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9e635c52-260a-484f-9934-20cf2f14b2a8
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0952
43 B
227 B
Image
General
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/9e635c52-260a-484f-9934-20cf2f14b2a8?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563B78CD74FBD1E85C7B95BB2FFABFAE14FDA47F84E1E1AD20392A922E0EEEB8F7F43CB9056895E9BA987A3220A15E3EC91DE2AD8B54A775C93A07BD87CE47880D8F9D433DB3EBF167A67A8136C33BC5AD45E5526541046C5F359AF58A9A388EC446185CE8395A8CEF75234BA20C439D667D6726996E02CCD8154E6FC96756E5E5717672C8BD6F9ADF03676F11B2DF2A7C325FFC0DDF961C3A4228FC3026DCD31F9C8C5AEB23845795D0BD5BF1B7B2E6C970CDA10306204D320B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0952
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:13 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4taHVhLWppbmctMXJpLXBvLTJxaWUtYW4teGluLWh1YS1qaW5nLXlvdS1odWktYmFuLWppYW5nLWJpYW8teWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtNGY0NTI1MmEtNjA1ZS00OWE2LWE5NzktZTZlMjA2NzM3NzFiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJyZXNwb25zZVRpbWUiOjYwMiwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoicnViaWNvbiIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJ3aW5uZXJBZFVuaXRJZCI6IjkxMWE3YWE2NGNmMWZjZSIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbNSwzXSwic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDkwIiwicHJlYmlkQXVjdGlvbklkIjoiMDFhYWE2NzQtMTc0MC00Y2RjLTljNmUtMGVkNjQ0YWZhMDliIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=7649.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
js
www.googletagmanager.com/gtag/
271 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8930f8393450950927519a0abfdcc5d76d4908859176055d023bfdc54463d1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91893
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 10:04:13 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 912E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y1IxFxW1R56vYHxvL1l8fg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y1IxFxW1R56vYHxvL1l8fg
43 B
720 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y1IxFxW1R56vYHxvL1l8fg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KEWVQS4MS2VNP4VA2KXA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y1IxFxW1R56vYHxvL1l8fg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 912E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4oxOSTm8Q_62s51iTjir1A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4oxOSTm8Q_62s51iTjir1A
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4oxOSTm8Q_62s51iTjir1A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K77Q318T4VAGPRXQ50GA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4oxOSTm8Q_62s51iTjir1A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 912E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTg4OTE4ZWIxZDM0ZmZjOWU5YjE5Yzk4MDlmNTE2NDU1NWU2YjI3Zg
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTg4OTE4ZWIxZDM0ZmZjOWU5YjE5Yzk4MDlmNTE2NDU1NWU2YjI3Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTg4OTE4ZWIxZDM0ZmZjOWU5YjE5Yzk4MDlmNTE2NDU1NWU2YjI3Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 912E
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 912E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9MQjNJRlctMUMtMkQ4Nw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHjZXSwWdEauZDAXzHLwvx8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9MQjNJRlctMUMtMkQ4Nw==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9MQjNJRlctMUMtMkQ4Nw==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9MQjNJRlctMUMtMkQ4Nw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 912E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECOkNIR2aWCfOlRXOILOAYE&google_cver=1
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECOkNIR2aWCfOlRXOILOAYE&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECOkNIR2aWCfOlRXOILOAYE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 912E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOLB3IFW-1C-2D87
0
648 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:12 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E6959E0474DB4989A7163EE5A551752E Ref B: ZRHEDGE1806 Ref C: 2023-11-05T10:04:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJZNwSaz70bfFMljk/uw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOLB3IFW-1C-2D87
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 912E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PUaet4o300Wx4qiUXek-Hcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R.SYbNtE2oIkwBe3RFFq9XFjuDZqB0FK9KlZ3g--~A
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R.SYbNtE2oIkwBe3RFFq9XFjuDZqB0FK9KlZ3g--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R.SYbNtE2oIkwBe3RFFq9XFjuDZqB0FK9KlZ3g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 912E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYHE7KjtEAABi-8U8OSA&expires=30
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYHE7KjtEAABi-8U8OSA&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYHE7KjtEAABi-8U8OSA&expires=30
Date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOLB3IFW-1C-2D87
43 B
943 B
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
an-x-request-uuid
955feac7-155a-4e3b-91f3-ecb29d1ccbab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
v1
match.sharethrough.com/sync/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOLB3IFW-1C-2D87
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
3.120.44.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 912E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87
95 B
427 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 05 Nov 2023 10:04:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOLB3IFW-1C-2D87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOLB3IFW-1C-2D87
0
150 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
capi.connatix.com/us/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8214457c2e0865d2-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 05 Nov 2023 10:04:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOLB3IFW-1C-2D87&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8214457bad7765d2-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
tap.php
pixel.rubiconproject.com/ Frame 912E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=45d183f6-784b-4200-92b5-c2dd62722804&expires=30
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=45d183f6-784b-4200-92b5-c2dd62722804&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=45d183f6-784b-4200-92b5-c2dd62722804&expires=30
Date
Sun, 05 Nov 2023 10:04:14 GMT
Connection
keep-alive
X-CI-RTID
e15b328c-975f-4d4d-99ba-d7a983640e44
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 912E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOLB3IFW-1C-2D87
0
311 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOLB3IFW-1C-2D87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Server
216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:14 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 05D4
724 B
643 B
Script
General
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1550967&cb=76976162385&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.18 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p018.net133186012.broadline.ne.jp
Software
/
Resource Hash
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 05D4
633 B
597 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/550/967/a1550967.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e270 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Sun, 05 Nov 2023 14:04:13 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/
112 KB
32 KB
Script
General
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 05 Nov 2023 11:04:13 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/
61 KB
9 KB
Stylesheet
General
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 3D69
754 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
492669
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Nov 2023 10:04:13 GMT
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0935
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 09:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:12:44 GMT
video
ad.vidverto.io/delivery/rtb/
0
0
Image
General
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=TviDXe1nQjYJnsYVPSSF2sgM%2FSNwfLDNBHhG%2BK%2FoUKnf6RvllROjoyWgFCeYPKkwmkH5WEkhds1DVC5PvD2NMS0YLqU%2Bqg10yYnc%2FWeMpqJk0hGzescPoh08M0nR3Cx7ngVpGskvSpjC3QKVzYmUswk%2FKgQxZVLsys5Yq6zqzbAZ%2FDm1OCfN48pva3iNjpcEcHfy%2BfxaZnQBjshCKY%2BH0QyWRy7LLA%2BvhBt8gOECvH93sbjiX1vxsTIe7K%2F%2FvkqNZxfPidx3Mt0fBJYfGVP0%2BEbArc9tS84rlS9p1cGLNCp2E1Uv60Dd%2Fe3fwE82ws5Yvfb8EoucSc60K4sOwqoGuuVY7tlgwEpqEC5t%2Fuj%2F2gNRS61wioBa0hTBkSjNH%2FG6iZrgcSIHy284Id4VAiwxw6I35sfUhG%2F2JBKYarJSZU4Bh5q0NeMGA2eytA7vKMHSvow3LZNE8xHWKnjO%2BeFjAYVpMLYw3%2FZ6gqKTqeidThK%2Baaf%2FpOfB2HeYh%2B2EARinwmPLeZRBGFqMVi1xbQewZyqqULdQSWA2bWbpP1iiK%2FqcvXPGMYOMRcWlzup75PeHOix1f%2BC6QVcCxakHsV0eqg%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generic
match.adsrvr.org/track/cmf/ Frame 3276
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEADsvmaILxyxxQ7demb3piM&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEADsvmaILxyxxQ7demb3piM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=3f32daf882ff0df953c51198072a273e&uid=3f32daf882ff0df953c51198072a2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNUqiwA_DAOZC7jiGPnI261KImyeKhp8XgoY7rKqWehGGEQPrYL5TN4_5__ZaPfX4g1xQRZMwdFaosul3ZpSgQZ-qaXmjA
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:13 GMT
Last-Modified
Sun, 05 Nov 2023 10:04:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3276
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNUqiwA_DAOZC7jiGPnI261KImyeKhp8XgoY7rKqWehGGEQPrYL5TN4_5__ZaPfX4g1xQRZMwdFaosul3ZpSgQZ-qaXmjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:04:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E2A6
498 B
276 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2282710649184137&correlator=429971085010257&eid=31079372%2C31079380%2C21065725&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1699178653692&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=xp3pptgtjmg&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPwb3l4WTAtj-VdTO4cq3jQ0k8vCB9Wb0X_pc5tgNb5iqhm_tG7SHw4MAfTzeY277ft6C35IodeTTFcod9ejxZ12yAwerdR3O36hGCKAPdEP_SDvkQ3XiHl-ySaWp2Q8aBsDcWgHQLMmIHO1T82PcT21ddTMofPiY4grexftxs&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1186870295.1699178654&ga_sid=1699178654&ga_hid=707665414&ga_fc=false&dlt=1699178651758&idt=1603&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2b95a5da3d9bd50159d153084441751a02fa516e3991f9e1f680fd18e4e2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E2A6
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fba7786e246258893ff5d10601988843424ad1af4b40ad57a2f9f69146c58a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
container.html
7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06E0
6 KB
3 KB
Document
General
Full URL
https://7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:13 GMT
expires
Mon, 04 Nov 2024 10:04:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
carousel.js
a.teads.tv/media/flavors/ Frame 0F31
88 KB
25 KB
Script
General
Full URL
https://a.teads.tv/media/flavors/carousel.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83a763f0e028265bb83be112d12f8c2f39cdd2948d9f9811a85b2a111301fd74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 09:29:01 GMT
x-amz-request-id
7E65NKHKYQRYYSR7
etag
"2f9aca5b2cdc07850e90af7b0add73f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
6
accept-ranges
bytes
content-length
24810
x-amz-id-2
AOslsYtDmEJOIzidSHE/CMVGVv8lO2fgw82HmmQqmTxqP40fUR7RO+QT7+6MhynCNx1Ao5kCqK4=
expires
Sun, 05 Nov 2023 10:34:13 GMT
480_650.mp4
cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/
236 KB
0
Media
General
Full URL
https://cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 05 Nov 2023 10:04:13 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
783 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1699178653861&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=146687625&pt=1291459122&tz=60&viewable=true&ddast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b14bba8cbd353dbae1ac3cc252ac9e028280a36fa9cef8cc3eca12ba5cee45c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 05 Nov 2023 10:04:13 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1460
x-cache
MISS
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
server
nginx
x-timer
S1699178654.931663,VS0,VE31
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 0F31
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a431c0869e49b79160b64910f0fcaa34f9a24e5603d085f8cd7bf8e105b0a25a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 236B
210 B
551 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc44d54e624144737bb4645074c701dab38c2a328c9a878d236d355afd3b0e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 594A
28 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e1dc0df32e4e760234ca5955d470f67bbaddffa64c40de107a212a5043f33b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0952
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7240896015948&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0952
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7240896015948&version=m202309260101&ct=77&x=8&cor=12384725412355742000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0952
31 KB
19 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B60s1rMGfDx7YhDYdY-a6esL8qy0V4bZ5yyK7hIR6kUW6fbtNtY4ojnBJsHPPg7BM8U_PVSul4UIDjW_Np9BAwWOAmhp1GbjaDNoluvd2MGygo8ZZKm7L2dPcOegCB0M2maWdmKbFEYOAId6am3suvW6SHchcpW5DnSk0Fm2JavQIFc04&cry=1&dbm_d=AKAmf-AhFDpj724FgEM90RHWFXyHbPUqxF7MkIH9rA8t92uk9o_UC8RSHgV1yDMD25B36nNmEqO3El2vorJpPzdr6l3hK0thtu2f7hSPQSEDtIYGRE_Rf4JGw1IA6umTuMhm3F7Bq22Es-gplYAm7G6-IxQm0De_7Bm58kndGFWmMjLJ_ya1TFeK2RGLdPT2vo1TrkE5eiSl9rUE2T8SDvWFlZEX6tW8ARjsQgIRkM4ToGf_oM_upHjx1iKYE_qCQeSCQRiWS2xRNXoAmtlzKXx98BaP7DnKgUKyK8kjhX01Ne3cOdI5VULGEFVIUmCmppc6pJHy_aY4ILoMu92qHEmqJ29wL2rbS7PAWNLTKQxLsc8jbg3_DVLoHx55yIurJmjXNkrvecAeZ8CMplQw1h42dgi0mNHmmVymoqrB6hV8i-wI_cny_UzhajL8ocd9UGwe1PqaoP6pi2r8dmDgqS7K470njWuECJLm9gxwICDgxJ4AktlW8QlQNE7A6G_wKTVjglQ5pzaiNLtIM9IvkL_agNqToFHsBSYJIWCLFXi2DpsfvlEkHC9VEFsmGNzTbUP5oYlhxw2G4J2jHfTAP-8Ehbc6vBpNHUhuOLnUcJqjrkad8qKdnzN2_WiXbOFafgry_hWpWikj_KspzB95hw6wcNW080bVJjQejbD46Pmy1mJZa5DZ34lJHlt3WRUk2x0LW3Et30tqqUojhdJELVgt9_-ypJvYHPw6iEok454m5hyq70M1OyE32vhkCGYjpnty_ud8A3ZTRSP4zP-ZI67XXn9vFg6DTnXmS9sPBd7JOxKsUAbc5Qc1MJysMsXyY_g2xKIsimzk4XsfR6StpHs03pLB0sELcTiflGcxo4pNKXMQcufHGnhAQD-fEk4bQPk5ZTEjcaWp5V8L7J55xMyqSsNBIuE4gyWm4zxbMs6CnZ0ExKHv849FMvJ-0lN8PxQGPOaWtDJ-qJLpiNSUQn2-S_0yWwEMpnoOcPnWaD5U8d8zNB4Is27QSlyc1wheGFI95ETQpoIUnqmv5M1uGTe322xbaXDOMXgpoBhLsgLBV3CKF1uTtrbERJumFsPyYqOvG5RMq-K-wFHnEFc6ElW2_N2AaLkurT7kfhSvYth7Nh9YZn66H4rJBYWpLw0WXPnyISiNu58MVIpSz1N-7JcVv2vxVkEJpuejl6IY_SD9-RefIl9qiF3180TCejWDNMqPAwv47ht714cee7-j1YoxqNABYJ9bl8-ev0kX_OxNve7v4rfCEoCSYRi-QBzZh6sz9UgQaxvBKLgStKj5raOONt2tRACXNrn9NstEvzlKPBT3wmxCDSM4ArwLcLRPzE_ascj67uVQ1lZz39k2b7GYRr3u3NygDGSQFoevhqB7J_NcSptj_o56hc9Y1S2alcEp4ULTF5p2j7O4t-pIMFOYVNuNPXcxipRv66hwjjoL7JPwBTmZ-2Sahy-h-OoqpoHD0nfR6LaiYl3gI9AK5Reu02natcnqD1Gx-VJiiKWfH5EwOnHQft0AnsOO5jCYHCOi8wOKdVt9WoSWsnEXSXKEBXXHPVRchuSbuJMuDpI4T0nz4H9maoM64Zz8CrJ0ZPH1Uj7mDCwJXfkdBUeWmZdBdudK2ftI2toTpNDWsH6RIuCJ8kkiWUJdCk8Rua89K44qSymO6ujDMaagA5ZNIac2kSIdLaOfrCHRxJTJ9XY1N1K58AI5RdRdHik6FMWaDmrtQ6F5EBRNKgwuiqKRJzL-ETbytw-VMgwcXbFj4SwurmtKuP9kcEg_0_T_xtkDc3DW82di-dbZQhq0fYK5BiRlSuJB5Eclvs5wVLUp-OlfMAatybrrYt0axiFv38PcRKUNTEE7W6dcBZukvtMiGBZQlL66lXy0xcpxhAZo7L99B0BDwxGmVVEUhZRJIXa1DtZhyzUrN7-DlmLTo7jZjwhPXHo73ONvzX1Gp3i4BqNMupZWbdV_FBmeVLD_mHc-bgoxJEDf1o7RVY3e06v0diF3jiC5Wa_JoENGHaCwYwrkmxM8wb-UkTKYfonLdIJ6Ya1uLm31E_p-ZM-DEGS2GG5qx7H2ryHwIs8JJxgvcV_2QIG0to0onR9sw07pjOmzfVc3BNjcukmuFOigX7eFy9_l2zMPooBBTd0Vu_0FVBO_ZUFbNcG1mRxTT3zIWrsLAsAYQcs4KEhbHh8b08DKSsQBixaw11snLxrYisEvHRJ-KKqU_cK6UfcbMO_v4qFtMF5ORrMg1EA2l2azEfQq9IJifcRcBFo33THL4b4eIzYBfINr-TmJh7afwb5cdodnuxK1vMKt_blX1-NQ7usCBHDjYeoqCgaikXHER2yxgzzelcsmtck1a5DR8Axov0x0AtxGYggBeftFxL5kwUjoJ0O6wzERX3fWbT4vp93ni56Z0-98F5riZDYsMUEZL2H5ibER7p3KVBEeAQcK-E4rmGpaiMbYe_Arbd9u4lTKmaev7j3sOivnTQ81IBqZViNbEHFuYCmR3sxLetRC7Vc1sBuFXsL55HzFq6lRvh7DYWU-gzg93tOtGkCrCl6ZJNIVYCO9VDiD2uSg52zDZMpSiQe4TdCjupYawD8lXV0fimZvcSneM7UHwzscSLxAjnP3t6U235VXkCsLM7Ac8HdNkXpDvHr1CBl_Cn-0duSLwBH28a4r8kNNfpYD43p89eu-ZALXfuHIIzAfMBTGLaCNy4P3rnUP3ejp79vC5tH4Znv6eaN8jqDA_MKmXllopaKfYy3GXrTAcP0rRo3Hmy-A7UJ7_8QESkwi58lEkasNjLZVzb2z8v0WYfpxtvbiSTmRSsGTTHz_wBvXzxxjWhR82AV-GJeM2pDrSaoJdnWqY1QMO7MvyWLb0gK-9Bpie96dME8Z6Hce3O4m4jvUbW9MOuQtyaIAZfyiFzm5vx--cYmudhsOq-VqFLri_mya-ZhTw87PQhGzV_WgS3RwpLtulPkEtAgLSsNgPSsxBd3jE0QkRGLViyKr1JmYSOHcYicusZIoWkd6lmeZC2p48Ls7nlVSre3f-X71Zn4NSkO7Qa0HIhnoBVBkjKQaClijifiNM3UAWzORvb4y5B4kd0Fy2wm0zkbXHEcXLu_kke5-L_jOiqZWPznpH6UdHiYJc-y-fllTYExCqGCXml-fLGKFWDYY_u79RRTEfvFaIfiR_pY8I9CM4UIhKsBQdT9kf2GvZjDJZcC9APBuYek4Qq1cXA_e_6gvERb1qNa2rxmQL4ez0tvsCGAc1Ybs9FjrPi3HwJBrpBf_t89sGtRp-vS57EV49Nl0rCoMoRJe2uBPA9xdvaqOoVrYmTo-h8Ag2MlwzM15TwP8-w01pGyPk-ARaGQA9W_DGkqqKZX5nTaAaICmtazq56berm9CkMHlbU8-EDA0mSyfWrdt9RLeWM0fm27ZFmo3iZnC2hRWYRbzCXPYSyCRN8qB49PwK9I8rOxP5KIG1s77cfGobhBI4Buz7K1fpyqbnNGDeqNgOYmopttJHWvQRRY7gqAOBcbSLXiZCY3XlnMJevKuxeiKFBZKbSuYUDpVoIGsltkKqVvbszW7KLUOuoFgL9J0iNhAdXRtHQsjfxoitvhz&pr=8%3AFCF84B2E0988514D&cid=CAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ds=l&xdt=0&iif=1&cor=12384725412355742000&adk=872549643&idt=193&cac=0&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da8db293643b0a25ba0d3ab6fcf955cc50d83ae3a49a1e51b459fbd7e7189bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1699178647983&gcd=11l1l1l1l1&cid=1267633721.1699178649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699178654&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E3%80%80%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=8490
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 23:29:51 GMT
x-content-type-options
nosniff
age
124463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 23:29:51 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:11:12 GMT
x-content-type-options
nosniff
age
219182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 21:11:12 GMT
logo.svg
ad.vidverto.io/vidverto/player/
414 B
551 B
Image
General
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/
363 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E2A6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:04:14 GMT
im-uid.js
dmp.im-apps.net/sdk/ Frame 05D4
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e270 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Sun, 05 Nov 2023 10:04:14 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=5988
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Sun, 05 Nov 2023 11:44:02 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
96 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:04:14 GMT
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&pfid=71&env=js-web&ut=1&cid=1151811&gid=1088630&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=KNIiUcPqc-yr2zYImm9zdaxa&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1088630&dsp_creative_id=1151811&fms=9&p=HgScOjii14dA82zvk2V2G-At67Jx8OJxDVkfs2H9QrgODg&cts=1699178651589&cs=284039518786174242105&1699178651589=&slot=native&fv=1283&ts=1699178654435&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pageId=154680&pid=169092&hb_provider=prebid&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&pfid=71&f=1&slot=native&fv=1283&ts=1699178654435&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame 0F31
10 KB
11 KB
Fetch
General
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDDpkYo9rhCMksJgN9bw8r_7z8hmpmZmZmZ6T8ouPKsDDIbKhkKFQjq3BoSA1VTRBoKaW1wcmVzc2lvbhgBOIX9UlgFYIX9UnDF6_ULeKbtrAyYAQA4AUIDQ0hGSAFQAFgAcgZqcy13ZWJ4AIABR5IBVggFEPQFGMVPIMPlASoEMTg2MDD___________8BOgR3aWZpQg9tMjQ3IGV1cm9wZSBzcmxKAT9SDWV1cm9wZS96dXJpY2haBWFpZ2xlYgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBA7gBzzfCAQZwcmViaWTgAQH6ATQSMAoWCNKEkbj7zKyQ6wEQrsb-9JaR996OARIWCLSOhfHbgsDrxQEQlNyP8IffsIqgARgAgAL-vsL3uTGKAgdXaW5kb3dzkgIEMTAuMJgCAKoCNkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YbICGgoWCMeV0f__7aWF-wEQltrmxZ__xP2eASAA2AIA4AIA8QKCxzNP0hnZP_gCAYADAKIDXmh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1odWEtamluZy0xcmktcG8tMnFpZS1hbi14aW4taHVhLWppbmcteW91LWh1aS1iYW4tamlhbmctYmlhby15YW5nLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAPIDDzE5NS4yMDYuMTA1LjEzMfgDA4AEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=fNEJp7r5YnH5B4fYODBN_szfQ2gR697YJ9cK-zq5jrnsGA&psid=415253&checksum=-497133945
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05644b318389d5b950b43cea5820ddba7d9a4847f5d35f32d69633c506552426

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
10503
expires
Sun, 05 Nov 2023 10:04:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 0952
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B60s1rMGfDx7YhDYdY-a6esL8qy0V4bZ5yyK7hIR6kUW6fbtNtY4ojnBJsHPPg7BM8U_PVSul4UIDjW_Np9BAwWOAmhp1GbjaDNoluvd2MGygo8ZZKm7L2dPcOegCB0M2maWdmKbFEYOAId6am3suvW6SHchcpW5DnSk0Fm2JavQIFc04&cry=1&dbm_d=AKAmf-AhFDpj724FgEM90RHWFXyHbPUqxF7MkIH9rA8t92uk9o_UC8RSHgV1yDMD25B36nNmEqO3El2vorJpPzdr6l3hK0thtu2f7hSPQSEDtIYGRE_Rf4JGw1IA6umTuMhm3F7Bq22Es-gplYAm7G6-IxQm0De_7Bm58kndGFWmMjLJ_ya1TFeK2RGLdPT2vo1TrkE5eiSl9rUE2T8SDvWFlZEX6tW8ARjsQgIRkM4ToGf_oM_upHjx1iKYE_qCQeSCQRiWS2xRNXoAmtlzKXx98BaP7DnKgUKyK8kjhX01Ne3cOdI5VULGEFVIUmCmppc6pJHy_aY4ILoMu92qHEmqJ29wL2rbS7PAWNLTKQxLsc8jbg3_DVLoHx55yIurJmjXNkrvecAeZ8CMplQw1h42dgi0mNHmmVymoqrB6hV8i-wI_cny_UzhajL8ocd9UGwe1PqaoP6pi2r8dmDgqS7K470njWuECJLm9gxwICDgxJ4AktlW8QlQNE7A6G_wKTVjglQ5pzaiNLtIM9IvkL_agNqToFHsBSYJIWCLFXi2DpsfvlEkHC9VEFsmGNzTbUP5oYlhxw2G4J2jHfTAP-8Ehbc6vBpNHUhuOLnUcJqjrkad8qKdnzN2_WiXbOFafgry_hWpWikj_KspzB95hw6wcNW080bVJjQejbD46Pmy1mJZa5DZ34lJHlt3WRUk2x0LW3Et30tqqUojhdJELVgt9_-ypJvYHPw6iEok454m5hyq70M1OyE32vhkCGYjpnty_ud8A3ZTRSP4zP-ZI67XXn9vFg6DTnXmS9sPBd7JOxKsUAbc5Qc1MJysMsXyY_g2xKIsimzk4XsfR6StpHs03pLB0sELcTiflGcxo4pNKXMQcufHGnhAQD-fEk4bQPk5ZTEjcaWp5V8L7J55xMyqSsNBIuE4gyWm4zxbMs6CnZ0ExKHv849FMvJ-0lN8PxQGPOaWtDJ-qJLpiNSUQn2-S_0yWwEMpnoOcPnWaD5U8d8zNB4Is27QSlyc1wheGFI95ETQpoIUnqmv5M1uGTe322xbaXDOMXgpoBhLsgLBV3CKF1uTtrbERJumFsPyYqOvG5RMq-K-wFHnEFc6ElW2_N2AaLkurT7kfhSvYth7Nh9YZn66H4rJBYWpLw0WXPnyISiNu58MVIpSz1N-7JcVv2vxVkEJpuejl6IY_SD9-RefIl9qiF3180TCejWDNMqPAwv47ht714cee7-j1YoxqNABYJ9bl8-ev0kX_OxNve7v4rfCEoCSYRi-QBzZh6sz9UgQaxvBKLgStKj5raOONt2tRACXNrn9NstEvzlKPBT3wmxCDSM4ArwLcLRPzE_ascj67uVQ1lZz39k2b7GYRr3u3NygDGSQFoevhqB7J_NcSptj_o56hc9Y1S2alcEp4ULTF5p2j7O4t-pIMFOYVNuNPXcxipRv66hwjjoL7JPwBTmZ-2Sahy-h-OoqpoHD0nfR6LaiYl3gI9AK5Reu02natcnqD1Gx-VJiiKWfH5EwOnHQft0AnsOO5jCYHCOi8wOKdVt9WoSWsnEXSXKEBXXHPVRchuSbuJMuDpI4T0nz4H9maoM64Zz8CrJ0ZPH1Uj7mDCwJXfkdBUeWmZdBdudK2ftI2toTpNDWsH6RIuCJ8kkiWUJdCk8Rua89K44qSymO6ujDMaagA5ZNIac2kSIdLaOfrCHRxJTJ9XY1N1K58AI5RdRdHik6FMWaDmrtQ6F5EBRNKgwuiqKRJzL-ETbytw-VMgwcXbFj4SwurmtKuP9kcEg_0_T_xtkDc3DW82di-dbZQhq0fYK5BiRlSuJB5Eclvs5wVLUp-OlfMAatybrrYt0axiFv38PcRKUNTEE7W6dcBZukvtMiGBZQlL66lXy0xcpxhAZo7L99B0BDwxGmVVEUhZRJIXa1DtZhyzUrN7-DlmLTo7jZjwhPXHo73ONvzX1Gp3i4BqNMupZWbdV_FBmeVLD_mHc-bgoxJEDf1o7RVY3e06v0diF3jiC5Wa_JoENGHaCwYwrkmxM8wb-UkTKYfonLdIJ6Ya1uLm31E_p-ZM-DEGS2GG5qx7H2ryHwIs8JJxgvcV_2QIG0to0onR9sw07pjOmzfVc3BNjcukmuFOigX7eFy9_l2zMPooBBTd0Vu_0FVBO_ZUFbNcG1mRxTT3zIWrsLAsAYQcs4KEhbHh8b08DKSsQBixaw11snLxrYisEvHRJ-KKqU_cK6UfcbMO_v4qFtMF5ORrMg1EA2l2azEfQq9IJifcRcBFo33THL4b4eIzYBfINr-TmJh7afwb5cdodnuxK1vMKt_blX1-NQ7usCBHDjYeoqCgaikXHER2yxgzzelcsmtck1a5DR8Axov0x0AtxGYggBeftFxL5kwUjoJ0O6wzERX3fWbT4vp93ni56Z0-98F5riZDYsMUEZL2H5ibER7p3KVBEeAQcK-E4rmGpaiMbYe_Arbd9u4lTKmaev7j3sOivnTQ81IBqZViNbEHFuYCmR3sxLetRC7Vc1sBuFXsL55HzFq6lRvh7DYWU-gzg93tOtGkCrCl6ZJNIVYCO9VDiD2uSg52zDZMpSiQe4TdCjupYawD8lXV0fimZvcSneM7UHwzscSLxAjnP3t6U235VXkCsLM7Ac8HdNkXpDvHr1CBl_Cn-0duSLwBH28a4r8kNNfpYD43p89eu-ZALXfuHIIzAfMBTGLaCNy4P3rnUP3ejp79vC5tH4Znv6eaN8jqDA_MKmXllopaKfYy3GXrTAcP0rRo3Hmy-A7UJ7_8QESkwi58lEkasNjLZVzb2z8v0WYfpxtvbiSTmRSsGTTHz_wBvXzxxjWhR82AV-GJeM2pDrSaoJdnWqY1QMO7MvyWLb0gK-9Bpie96dME8Z6Hce3O4m4jvUbW9MOuQtyaIAZfyiFzm5vx--cYmudhsOq-VqFLri_mya-ZhTw87PQhGzV_WgS3RwpLtulPkEtAgLSsNgPSsxBd3jE0QkRGLViyKr1JmYSOHcYicusZIoWkd6lmeZC2p48Ls7nlVSre3f-X71Zn4NSkO7Qa0HIhnoBVBkjKQaClijifiNM3UAWzORvb4y5B4kd0Fy2wm0zkbXHEcXLu_kke5-L_jOiqZWPznpH6UdHiYJc-y-fllTYExCqGCXml-fLGKFWDYY_u79RRTEfvFaIfiR_pY8I9CM4UIhKsBQdT9kf2GvZjDJZcC9APBuYek4Qq1cXA_e_6gvERb1qNa2rxmQL4ez0tvsCGAc1Ybs9FjrPi3HwJBrpBf_t89sGtRp-vS57EV49Nl0rCoMoRJe2uBPA9xdvaqOoVrYmTo-h8Ag2MlwzM15TwP8-w01pGyPk-ARaGQA9W_DGkqqKZX5nTaAaICmtazq56berm9CkMHlbU8-EDA0mSyfWrdt9RLeWM0fm27ZFmo3iZnC2hRWYRbzCXPYSyCRN8qB49PwK9I8rOxP5KIG1s77cfGobhBI4Buz7K1fpyqbnNGDeqNgOYmopttJHWvQRRY7gqAOBcbSLXiZCY3XlnMJevKuxeiKFBZKbSuYUDpVoIGsltkKqVvbszW7KLUOuoFgL9J0iNhAdXRtHQsjfxoitvhz&pr=8%3AFCF84B2E0988514D&cid=CAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ds=l&xdt=0&iif=1&cor=12384725412355742000&adk=872549643&idt=193&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
52572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:28:02 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0952
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B60s1rMGfDx7YhDYdY-a6esL8qy0V4bZ5yyK7hIR6kUW6fbtNtY4ojnBJsHPPg7BM8U_PVSul4UIDjW_Np9BAwWOAmhp1GbjaDNoluvd2MGygo8ZZKm7L2dPcOegCB0M2maWdmKbFEYOAId6am3suvW6SHchcpW5DnSk0Fm2JavQIFc04&cry=1&dbm_d=AKAmf-AhFDpj724FgEM90RHWFXyHbPUqxF7MkIH9rA8t92uk9o_UC8RSHgV1yDMD25B36nNmEqO3El2vorJpPzdr6l3hK0thtu2f7hSPQSEDtIYGRE_Rf4JGw1IA6umTuMhm3F7Bq22Es-gplYAm7G6-IxQm0De_7Bm58kndGFWmMjLJ_ya1TFeK2RGLdPT2vo1TrkE5eiSl9rUE2T8SDvWFlZEX6tW8ARjsQgIRkM4ToGf_oM_upHjx1iKYE_qCQeSCQRiWS2xRNXoAmtlzKXx98BaP7DnKgUKyK8kjhX01Ne3cOdI5VULGEFVIUmCmppc6pJHy_aY4ILoMu92qHEmqJ29wL2rbS7PAWNLTKQxLsc8jbg3_DVLoHx55yIurJmjXNkrvecAeZ8CMplQw1h42dgi0mNHmmVymoqrB6hV8i-wI_cny_UzhajL8ocd9UGwe1PqaoP6pi2r8dmDgqS7K470njWuECJLm9gxwICDgxJ4AktlW8QlQNE7A6G_wKTVjglQ5pzaiNLtIM9IvkL_agNqToFHsBSYJIWCLFXi2DpsfvlEkHC9VEFsmGNzTbUP5oYlhxw2G4J2jHfTAP-8Ehbc6vBpNHUhuOLnUcJqjrkad8qKdnzN2_WiXbOFafgry_hWpWikj_KspzB95hw6wcNW080bVJjQejbD46Pmy1mJZa5DZ34lJHlt3WRUk2x0LW3Et30tqqUojhdJELVgt9_-ypJvYHPw6iEok454m5hyq70M1OyE32vhkCGYjpnty_ud8A3ZTRSP4zP-ZI67XXn9vFg6DTnXmS9sPBd7JOxKsUAbc5Qc1MJysMsXyY_g2xKIsimzk4XsfR6StpHs03pLB0sELcTiflGcxo4pNKXMQcufHGnhAQD-fEk4bQPk5ZTEjcaWp5V8L7J55xMyqSsNBIuE4gyWm4zxbMs6CnZ0ExKHv849FMvJ-0lN8PxQGPOaWtDJ-qJLpiNSUQn2-S_0yWwEMpnoOcPnWaD5U8d8zNB4Is27QSlyc1wheGFI95ETQpoIUnqmv5M1uGTe322xbaXDOMXgpoBhLsgLBV3CKF1uTtrbERJumFsPyYqOvG5RMq-K-wFHnEFc6ElW2_N2AaLkurT7kfhSvYth7Nh9YZn66H4rJBYWpLw0WXPnyISiNu58MVIpSz1N-7JcVv2vxVkEJpuejl6IY_SD9-RefIl9qiF3180TCejWDNMqPAwv47ht714cee7-j1YoxqNABYJ9bl8-ev0kX_OxNve7v4rfCEoCSYRi-QBzZh6sz9UgQaxvBKLgStKj5raOONt2tRACXNrn9NstEvzlKPBT3wmxCDSM4ArwLcLRPzE_ascj67uVQ1lZz39k2b7GYRr3u3NygDGSQFoevhqB7J_NcSptj_o56hc9Y1S2alcEp4ULTF5p2j7O4t-pIMFOYVNuNPXcxipRv66hwjjoL7JPwBTmZ-2Sahy-h-OoqpoHD0nfR6LaiYl3gI9AK5Reu02natcnqD1Gx-VJiiKWfH5EwOnHQft0AnsOO5jCYHCOi8wOKdVt9WoSWsnEXSXKEBXXHPVRchuSbuJMuDpI4T0nz4H9maoM64Zz8CrJ0ZPH1Uj7mDCwJXfkdBUeWmZdBdudK2ftI2toTpNDWsH6RIuCJ8kkiWUJdCk8Rua89K44qSymO6ujDMaagA5ZNIac2kSIdLaOfrCHRxJTJ9XY1N1K58AI5RdRdHik6FMWaDmrtQ6F5EBRNKgwuiqKRJzL-ETbytw-VMgwcXbFj4SwurmtKuP9kcEg_0_T_xtkDc3DW82di-dbZQhq0fYK5BiRlSuJB5Eclvs5wVLUp-OlfMAatybrrYt0axiFv38PcRKUNTEE7W6dcBZukvtMiGBZQlL66lXy0xcpxhAZo7L99B0BDwxGmVVEUhZRJIXa1DtZhyzUrN7-DlmLTo7jZjwhPXHo73ONvzX1Gp3i4BqNMupZWbdV_FBmeVLD_mHc-bgoxJEDf1o7RVY3e06v0diF3jiC5Wa_JoENGHaCwYwrkmxM8wb-UkTKYfonLdIJ6Ya1uLm31E_p-ZM-DEGS2GG5qx7H2ryHwIs8JJxgvcV_2QIG0to0onR9sw07pjOmzfVc3BNjcukmuFOigX7eFy9_l2zMPooBBTd0Vu_0FVBO_ZUFbNcG1mRxTT3zIWrsLAsAYQcs4KEhbHh8b08DKSsQBixaw11snLxrYisEvHRJ-KKqU_cK6UfcbMO_v4qFtMF5ORrMg1EA2l2azEfQq9IJifcRcBFo33THL4b4eIzYBfINr-TmJh7afwb5cdodnuxK1vMKt_blX1-NQ7usCBHDjYeoqCgaikXHER2yxgzzelcsmtck1a5DR8Axov0x0AtxGYggBeftFxL5kwUjoJ0O6wzERX3fWbT4vp93ni56Z0-98F5riZDYsMUEZL2H5ibER7p3KVBEeAQcK-E4rmGpaiMbYe_Arbd9u4lTKmaev7j3sOivnTQ81IBqZViNbEHFuYCmR3sxLetRC7Vc1sBuFXsL55HzFq6lRvh7DYWU-gzg93tOtGkCrCl6ZJNIVYCO9VDiD2uSg52zDZMpSiQe4TdCjupYawD8lXV0fimZvcSneM7UHwzscSLxAjnP3t6U235VXkCsLM7Ac8HdNkXpDvHr1CBl_Cn-0duSLwBH28a4r8kNNfpYD43p89eu-ZALXfuHIIzAfMBTGLaCNy4P3rnUP3ejp79vC5tH4Znv6eaN8jqDA_MKmXllopaKfYy3GXrTAcP0rRo3Hmy-A7UJ7_8QESkwi58lEkasNjLZVzb2z8v0WYfpxtvbiSTmRSsGTTHz_wBvXzxxjWhR82AV-GJeM2pDrSaoJdnWqY1QMO7MvyWLb0gK-9Bpie96dME8Z6Hce3O4m4jvUbW9MOuQtyaIAZfyiFzm5vx--cYmudhsOq-VqFLri_mya-ZhTw87PQhGzV_WgS3RwpLtulPkEtAgLSsNgPSsxBd3jE0QkRGLViyKr1JmYSOHcYicusZIoWkd6lmeZC2p48Ls7nlVSre3f-X71Zn4NSkO7Qa0HIhnoBVBkjKQaClijifiNM3UAWzORvb4y5B4kd0Fy2wm0zkbXHEcXLu_kke5-L_jOiqZWPznpH6UdHiYJc-y-fllTYExCqGCXml-fLGKFWDYY_u79RRTEfvFaIfiR_pY8I9CM4UIhKsBQdT9kf2GvZjDJZcC9APBuYek4Qq1cXA_e_6gvERb1qNa2rxmQL4ez0tvsCGAc1Ybs9FjrPi3HwJBrpBf_t89sGtRp-vS57EV49Nl0rCoMoRJe2uBPA9xdvaqOoVrYmTo-h8Ag2MlwzM15TwP8-w01pGyPk-ARaGQA9W_DGkqqKZX5nTaAaICmtazq56berm9CkMHlbU8-EDA0mSyfWrdt9RLeWM0fm27ZFmo3iZnC2hRWYRbzCXPYSyCRN8qB49PwK9I8rOxP5KIG1s77cfGobhBI4Buz7K1fpyqbnNGDeqNgOYmopttJHWvQRRY7gqAOBcbSLXiZCY3XlnMJevKuxeiKFBZKbSuYUDpVoIGsltkKqVvbszW7KLUOuoFgL9J0iNhAdXRtHQsjfxoitvhz&pr=8%3AFCF84B2E0988514D&cid=CAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ds=l&xdt=0&iif=1&cor=12384725412355742000&adk=872549643&idt=193&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
286908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
usync.html
eus.rubiconproject.com/ Frame 386E
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:14 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 0952
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDSx_rs2Oi8vG0ihuDaFifr0_TWf5X-kfiR87fATUmlwnmZJMt8MlR24BnlAp_2onNGgga2akPTDtlmDYQoxBqDOEcGVyhalWgMC1FaQev4UBdvM17IA7vhDI7o6uVd4Nm14eVq3xH1NXKN3APZvTxzKGVT4bqQ9o0CYT-5-oysb9kieztZzAXx4PvtCx072GgPJGvuHjP8-32-yQpOAWHiql7kxoTb7Mh2YOMs5QzN5VFh7ZI77ti8w6V8er5hVy89CE4RAVG_WmtsjwSagpPqaB5jnbxb94bvFDCqdchNv-bRWt8uV5YbyTe1qTbHI4vuJ0PIBGZPe4_4Sbh3n_XqLCBcOzhEHc&sai=AMfl-YTbjMrO60iQtLQqM38F7JCmmO9Ah0yYal7dpEjMatbsMph9uB1lKeLyE25j5pRNHHRSQmxEGzrtW5LDWAMog4NnzSxsumKebk53bIwkpe2ZQ7tTF3VZe8PqjBPrAcg&sig=Cg0ArKJSzNFMkMSNRkogEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:14 GMT
truncated
/ Frame 0952
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f848aa08c9497d0e840fa6310eb511c6fc90f2ffc7d63fd7e9febdade47ec8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
480_650.mp4
cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/
36 KB
0
Media
General
Full URL
https://cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 05 Nov 2023 10:04:14 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
480_650.mp4
cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/
232 KB
232 KB
Media
General
Full URL
https://cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Sun, 05 Nov 2023 10:04:14 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
r62eglto.js
ad4m.at/ Frame 0952
25 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
455584
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7jFH0%2FDcV0Df72SIJvxUkHfbwKJJ2fi8EE8dXKt9O5lSWSN9KhB4acPJ0YShvwivXehR53xFwh%2Bz5WJZGWga1xxJduzQS1lG2id1izn6YTMVUg8QaGhBfmviy8rKIX4KQ4H%2BUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8214457f19309b6e-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 31 Oct 2023 03:31:10 GMT
frame.html
ad4m.at/ Frame F5DF
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1339593
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8214457f39529b6e-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:14 GMT
expires
Tue, 17 Oct 2023 13:36:06 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMEEfiwM4kS%2BxsN7n7ku5Hz5RD%2FkmWSZuy8kORrtmJPt9KQkx%2B%2FAWWHh%2FZvf6wQ6w%2FCWVLybGAFvOLPIqkD%2FJZuMIEAv%2Bo%2FOYDCw1fUwwWOZ3A7c9SMApUpd44fiviNYGv2FY1k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
track
t.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=71&gid=1088630&sid=174681&brid=7119&cid=1151811&rpm_reason=3&ut=1&p=iRuWhqKm4dRbD_XhgT5h-rgGnBHurZYwJJeDpX2n9DFrC1fCVZfMU-tEUeRdy2VWMVk&cts=1699178651590&cs=345567705220442914505&slot=native&fv=1283&ts=1699178654588&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 386E
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31165
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
YJ9%2FAn9IWnLFHqjRoGtGySMieN%2FgEHUpG3yKiEEt9qRnCt7gYpuvNxwqDSsbaEmjsZW24%2BddIQ%2F7DtJdIkHKH8dDP%2FKeGS1I1J9u1%2Fkit%2FjCx6f30qK16PPTLdT14o%2FEQtPI2BvyQIFm%2FxwQeM4wAYjUV1TBPRjW3ERVWWE0%2F8WN%2B6n...
ad.vidverto.io/delivery/video/pod/ Frame 3D69
52 KB
22 KB
XHR
General
Full URL
https://ad.vidverto.io/delivery/video/pod/YJ9%2FAn9IWnLFHqjRoGtGySMieN%2FgEHUpG3yKiEEt9qRnCt7gYpuvNxwqDSsbaEmjsZW24%2BddIQ%2F7DtJdIkHKH8dDP%2FKeGS1I1J9u1%2Fkit%2FjCx6f30qK16PPTLdT14o%2FEQtPI2BvyQIFm%2FxwQeM4wAYjUV1TBPRjW3ERVWWE0%2F8WN%2B6n5t54eNZ%2FVbqnwzB5OrRtOq57YcpEiOIJ%2BEJtAeD0vZDtsfItocrmjIGXUYTML2Ngbq7szy9H4Yc7MInLktIVyzY97NFf7mJSkIVPHI1axVhNexHUrma%2BHsfR5fMELlNgM5Y0gLbDof1RheX%2FNS%2B7vDtRJXY4EZju2a9w00TXFX1cQS0IiQ4om1vrZLMbJFWJHR5oYZ%2FCOkG4dqvd9EqB98AQiPoXV8SukyFSKawijxC725DcXxD1f%2Bkuz4ckswz5P2As%2BZIe8lHbIadvDUzWaKZqIE6bPFm%2FoYn7ClVkRvPwjhBEM1DMlJvubTpGn7WstfOSDquTOd%2FEsndfqAyUcwZxZPrYVfJImF9Wg1dDWoHqK43w73rZ9qudbYFUsZslS15cLQ3BN27BctX6y1bCJxyt1jnTOS6VDr5X4aAOQQ%2BZmZxFisAR5RHGDKVFQVtGIFS%2FCtgL0i4x7bxXfRVjDH9RndembpGqvoexBSacT4q46ayUDz3cx92U1dBH1jVyf7OzGoay1rz2THbK%2FPyT76t%2FEBs%2B4x0jCd6m%2BK3mxNfEBsWIYwEDn4P5NcwN5tcoWF1COIbf6Bm6koeR%2BfyKa2nWkp5UJeUjesXaDDSu832X21BXnsBagNdfEMuM%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
255a978ff1f8c157ef0cfef1d827789f3695eb1132c3f9665e3025cd3235a189

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
138889
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A2B3
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ab3b73990ae3e3be837ae5c7589417935c1d4be0a9d73af971e231483b5d5bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IYgBc7jnBkHhkJdbiunfFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IYgBc7jnBkHhkJdbiunfFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:14 GMT
expires
Sun, 05 Nov 2023 10:04:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 31D9
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3DA1
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3DA1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
77264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3DA1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
53054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DA1
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 10:04:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8bzxe5mkjaDXBShkrN2iKTOawjKayNLpjz4ob66t12pFfS_OyCXETJmqdmOgF81tEeR6zkb__4KnBDJA4UZY3dnQjUlwABfflNtSnNqWclToGRzI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5826132445747285259&x=1&ct=119
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame FEC2
754 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
492670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E853
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 09:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:12:44 GMT
get
audiencedata.im-apps.net/imuid/ Frame 05D4
10 B
180 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HEFF1B0AJE3X8XDMWT6CKGST
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 05 Nov 2023 10:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
iframe
sync.teads.tv/ Frame 9B99
2 KB
1 KB
Document
General
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
48a977037280fa6476eb10bcfe4c49bafeb377502760e65cc4674333592fe799

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:14 GMT
expires
Sun, 05 Nov 2023 10:04:14 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1088630&sid=174681&env=js-web&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pageId=154680&pid=169092&hb_provider=prebid&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&pfid=71&f=1&slot=native&fv=1283&ts=1699178654739&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame 63F6
669 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 63F6
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb612950bab80da54815a11e889308e8df01811bb17950058ff09e3a77047ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/ Frame 63F6
463 KB
464 KB
Image
General
Full URL
https://s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:382::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6151366e4a13caee40722eb6224f01434cce5aae67aedd688522639ed0ec99b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-amz-request-id
MKJXJHEJY3F5CXHN
x-amz-server-side-encryption
AES256
content-length
474514
x-amz-id-2
v0A+9bQyWf7Z6bW5Kiqhxx52SBQLl3kkql3hPWSoT2cE3X17otmRHWzclwby3itAY1isjCdVTns=
last-modified
Wed, 18 Oct 2023 13:22:35 GMT
server
AmazonS3
etag
"ddac661cc012210528c356840eee0db0"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 11:10:54 GMT
performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/ Frame 63F6
185 KB
186 KB
Image
General
Full URL
https://s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:382::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52aa1fc1c337a57bfc9cba0a2fca825fcb9087648f63424a7e7d8334d47cbe67

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-amz-request-id
MKJZJJ35MHKZE7EV
x-amz-server-side-encryption
AES256
content-length
189872
x-amz-id-2
ReAXjdXDucYRuClPZ7DgkHO+UpYGcTotiau0548dJZVrWh8+k6dqI20XLgLDklVYGovDzE7tpwA=
last-modified
Wed, 18 Oct 2023 13:22:35 GMT
server
AmazonS3
etag
"2e059148b6189d19f1b14d4f908fe252"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 11:10:54 GMT
performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/ Frame 63F6
286 KB
286 KB
Image
General
Full URL
https://s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:382::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98e702ad6560628ca32323265fc816700ba47a40eaf5fb260dc0adc96a7c89ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-amz-request-id
MKJXHF86YSG01088
x-amz-server-side-encryption
AES256
content-length
292396
x-amz-id-2
JeZMpiAA0WGcnUmqJpWqLG3qMZ6Pdp5r9nOwnjiAuH0CFvgVz/NHa53eIcKkbMWKz5emQUcTmuU=
last-modified
Wed, 18 Oct 2023 13:22:35 GMT
server
AmazonS3
etag
"4a577ee5d972a92db56fbb7028a7686a"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 11:10:54 GMT
performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/ Frame 63F6
249 KB
249 KB
Image
General
Full URL
https://s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:382::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2925fc0c112154d5c56d352ed51ee6de878608fef503b03ddd94d13214851353

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-amz-request-id
MKJYY9ZP8GN5MXVT
x-amz-server-side-encryption
AES256
content-length
254525
x-amz-id-2
3ent58SeW5mnh8yIUyUXCHDgBYEJ87YIZVCVOy/B2o0e6RWgEcjsmT1HOTKett+XDM7UOryMjxI=
last-modified
Wed, 18 Oct 2023 13:22:35 GMT
server
AmazonS3
etag
"03bc37acf3082dc682dea76c6f3c1b07"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 11:10:54 GMT
performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/ Frame 63F6
38 KB
39 KB
Image
General
Full URL
https://s8t.teads.tv/creative-965cfab0-6db8-11ee-bb82-f7c60699fc5f/performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:382::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd36b72b03f5033f5aa6dc07d25b69cf8b57c64a1050fca404cba1c573d96b2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:14 GMT
x-amz-request-id
MKJYF5BFSHW88653
x-amz-server-side-encryption
AES256
content-length
39128
x-amz-id-2
ckx5frsfiI2PVkZV0lmeGYJ95frwv2mu9nYX8B5nPQdtG543AGhyiLKfin1TIcOdYG7JvIYJrVY=
last-modified
Wed, 18 Oct 2023 13:16:48 GMT
server
AmazonS3
etag
"5ec008fbf0c99f9fc8533d416e200366"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 11:10:54 GMT
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=impression&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654464&cid=1151811&pid=169092&revenue_platform_fee=IhRMeapGiB8ncDz54hplT61H&srevenue_fp=_Z0Kmj4cU6G0EyhW0gQMBmJn&srevenue_curr=CHF&erevenue_curr=CHF&crevenue_advertising=uhFGbgMoGxAaUPZ5Q6KZyaZB&crevenue_curr=CHF&crevenue_platform_fee=IClCksJ8B1W3wvEn3IvAu18j&revenue_curr=CHF&revenue_advertising=am0xCBwfMQ8rhp30iCIdk1ew&srevenue=bAjeJer3z1bQbYUacN8IHaHs&fms=9&erevenue=_IfuMW4eUPwRRLQ01NwzXWwU&throttling_rate=0.3922010205707168&crevenue=dc6HV5nHlKFV4L83LWPRWEpy&revenue=HsHTpbeyegfkNaZ5mpr9hYH7&p=mtHSDi5kvTn0GVoB3HxP99k8tk-XXK8G3-OTjheqtv2G81VwfWrFKgPmPgegI2yHES4dt-vyb18kBgc57YRTXCEJtvRVWKVA0Z8kJHGhqE4LKfk6A-2ADCPhQXPVVWluAAHWL9UNKl_c4fBmxIciy9GNG3qH4931jzBqBQckeE48JhFk9tWedJSWzKZ3R2FX8qtfqhS0B3WeMbKMOUfzKx-xcrH3YXGWHewXwksMm3TpWgdDWHrP7nKwTZxDZJ8ZdN13hfyWFwrSrQS331vIbZ3GXEU08XfHhy0KneibgWcyBaBsyPCCMcAYIXZgtMR1zdwD3esHCEq0Z86haJkGsFqXlMQrtccOcIpA6dfcb62TjA&cs=812921268778071110705&slot=native&fv=1283&ts=1699178654809&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 31D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1&C=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6zxOesrUMHULyCDg3LsmmUChsvh7wr6mp1lVWnlb6NwdNbGtDFHQ2bulcZKxZ%2FBJb0Jd4BHM%2FtRPTnj7wzyO%2F%2BLisc8hNnbihgxqXjWwgxnGUo4PEnJXOSDhiIIuADyYrHFV4QQtfBbgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82144581ab3b1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxwyrpbwzh0OghYXl1Cobq7gagC4NAvRUQyUF2bb8HJcS2IcuXheJt47mbYxdOakCB3%2Bi93f57nMN%2BHNilKqcqekDiaiaFfO7%2BSuFR5Qw98NLbBAOwh%2F2v1tn1byytdf8m3k%2F2o6%2BBje0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1&C=1
cache-control
no-cache
cf-ray
821445813ad84da2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 31D9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUdonnUBhaXLGOaTV5j8PwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx9DeiAFjFGY%2FIHy6YXQzmY98fE3WCtzcbbJSao09XfTlfKkxSHyucpVrvfsPYz8UgK82snBQfj2uTdWUR6Gv3Wr9DdRRFXL0WPCobdp7s4wfNDUGn6ZeG%2F%2BfUV3bteuQzXgTdH%2FQ6en%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821445824baf1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyO_yX7GdYEwWxVAmIOwm4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 31D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIXDOuIZs84Qj8rjfNYEIXY&google_cver=1
43 B
882 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXDOuIZs84Qj8rjfNYEIXY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
768d8a8e-44bf-4a74-b4c8-2a5259e31586
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXDOuIZs84Qj8rjfNYEIXY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNTU5NDE3OTY2NDcxOTM1
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNTU5NDE3OTY2NDcxOTM1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjdWBCR3NjJBRi_vNP7ATAB&v=APEucNUiPk7VGmTp5zb1UNf4gYS0pnaADNSAva2RkeyiTStQkM7IRpKvKjy2zom_SAFMRXY0UoVmosfRFK8FCNfYUquOVKy2Rg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
a3ac5775-829b-479b-a681-5395f2bff60a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNTU5NDE3OTY2NDcxOTM1
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B833
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
179394
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4428727485053&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4428727485053&version=m202309260101&ct=119&x=1&cor=5826132445747285000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3DA1
90 KB
38 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9DsnOXrigTGPrwwtD5EiK94R6uftscUR2v0dGOj-ScCRyFFz1m3XKGREXPgMfRFlhm4ikdLXTQ3LuVMN6e2aJQS62DT2jP83myTC3xj8zdpq5rOMYO9oe7chFPuzeYImrImdOndQRWEINotijhiF62CsAtgRatYalMAVLcUzm8CYwVZnpGy4km_71c8omhcvWhCfC&cry=1&dbm_d=AKAmf-A1JKsxVERd6hwUVS3pDC_k9Jb3i4M1XbwhOln6bGtFLN_2plJ87tbLLJMWokCRVwSUt8s4a_nVG8_0nY7PVN0mPmBwXdWuKHhIp72V3VXhzEDOUedU2DcsPAtU_jv3Nw-ZiuXonJQB_T3b6bSvc14m2xLPSuBLi6gASnYBd34Sb40-bhCx4Lg7yQm-yRXIPewiKLMob6bq89l_FT4vtwSo52GAtESEFcOsGF48VT261JJRgAXz_1vahOUz4ro6Jcnrsen_Nlfypk5TCaqjhnFmA3bjzlnaIS-DIFPnowaxXp20oaSr3D5BN_yrta-yI_PtLOMz0kT5hmh7acq1GGscSB90Z9302EMjFPmOQH1nUGUdUbwvNeeZMf2QkKS7DV8dieWZdfn0BQgVLCywuihV-YPgnHMpAsGguWjRhR9HNAFI2vw1gh1nr9pUf6UP3UDol0FUV25hjxQXZ7hA8CuAYP8a2u2WR1LY4j1TED1as2FxqzeS-J9RYnw7oXYTUWzv5bUW6nxfNK3rLAoOX-KCYZDJQUEgBHx94vSJvPb8eOAtciv-oRocNocMKfHNmgIAPy_DrUKujSnvSI5FQxVVMCauTy5W8d2TFsLofoRuKfB4DhgeUO0_3fzzz5j1OmGNScD6zKaiVNZrVJm5ycbGofGW4Y_VwCaZkrNSxcLVKOKFQdu721jraI92qnRJ-_MXlilKJ6I57n5IKFA5zZ0CGW__iYyU-zWXrxEEelSrxKfhJlTbRAQWqJd44k3YzB9TWVoq_YxmzxtCWFbvqPgDfAUn1wiJo4IOQyc-SWKcsQ0JgecXf1jS1xtTAqrdnKOjBjv8P5JjII6DAlU7AG3UGfwB0kpq2st7cbtsx0L0Ml811JqRvpjyfVVfBHpc7m7e8D2-zH8LJUcSzVnSX4R-GQD3c1iy9BPMGn3TquINSHJ02NMVYcl9cKXtRvXuxsZBJAJ9FTrPW6FRVKrVzF5QfRSORl2WQk6W4eP0tIJxu9hzvIuPp1HBnRgEtr9Sa1OVXXERyP6JbZFTs6_3SEYakiATQYMixx5R6nLLsCWfDRjfugo0GgOQWifUijrdygr1wBAtUYLhF4R9TIxAiURDaPmXbQSFZvQ7zOpUQCXkKbIyYf3UrG49PbtuWZFxymwCDC_wIIodjrmVH4Zvq9jOZYkCRSrqD0iGLqWyDpUMnca8LKxxoGZIZcEbQr2SiHbmhfSc42cw6lkh9-wn1H6G1wGOj-UC524QvDqY0z0liU2XE8egX2wy-pR6mYkiQ64pM7xlBsvWQIUzKg0xbPZWt0NRMEGGqTFTGRkVbVX6EZl_IyE3wdO2sWCHCKoairBQvPwhJhWJSFuu2eMD5Wz4Q-yIF7kEwSjEXOxF1vXlxInhNr7gR1a1PFI8P8PJlD499w8DTS9894FXxNdnP9_JQhI_FQ4nZbdMepCVXkZn8SLQ9fO1AxQ5ncjhvM9Qnri1J33P9c3w0TRL4wo9jU5BconqzFP5u5HcMHkUhNWySGVuP68gMHgthnnPwJNlYsSWtehiWtjghOXZoPHVKJrbFNxZ0hBWsfvVElsBCJEX9RZqOY7KLKUOoz_tZNGauPS8btNq2D6CyWyPM4M3iSrAY4uHTi5_fAa2jsk16UK6AeY0fLGFsetyW1d_l5UbbdNoqZRSCFhcPjaVb_slWzEYlPO2kSrVdwmsKK7HR__iGbcn4nkEC-ks5m7sA5NakHyIfZo3n-vm6sxMabKeqcLYNpM5e-oyPz35wHHTZQR1hl5UHtllLfPiIkyTxQOZkWd2394bDRJIuOmyPsEpK7Vn2ckkTwzjPaBjKywMx1tGq_1eO1q74k9mWKvqbrGa9Ng7BTZxwfv6V7tNZ1Cd4SbW5p6CU3nxMos5M5M1loHlIAIGMfGhm6zxh9_2u2UaG2Jy9BNtZ9OC48GsugIe5THFpVUf2HmOg8xeFfkAOH4IyjV0wTi6pZ50zMjX-tdv9OpA8Z81uirxOIEGaKWJzLuR07n2_3Iyiv_9Hp-ClXmF96LP1XQlvb7yKqSSp2fuJtBFG_1NmSBY2F0nAyYo-NxbECj0mXNHcAksvaSSvVKNyEbSuV2_Ga1lBrXJl9TdoNHKw6RMoZTGo5QsyPw94tQ-8sEQ4h8q50dBqfga5s1YWz1F-Ab6GZbOEGucXXL5qhZ_luUBXBbPJb4d8wTzyeqFprFihY9BXLy4rnyMvvy9JpThaGATXdxH552OGyZI3vjlwbTUBWXcYeJ7vVa5GuwovKAyHJ-xyEo6jhmbKhyEdzfPoxWUPbrOT-kHV-7z6-Z2aoDSQ4I9DwwIZt4ypkNzTMUo5rXFhxL5FfcgOsb25ES06_hzqA5OFSE5rCRsO7yr9X1TYuLhlBu3cASGpMmvD51K9E7IwOdWPLa_kdnOgzOD7TXDGbSEe2ztadLJI5mxkk9Dcf5Z_SoCWdl7qD-czbUd0r4I3sPXLzbMGRdp8JAsbHrONi3Ou5ZElY1WYigzogcsNpvXMpHUXsk4koV6M3YEMTWsbsveJmN4ZaEb8r1cKARMPUdRpAXYUreqKmxEwYgnuHkGWwbi7f7mMDK82KFjUP2nLysywMtDhdKi-DJre-CJTxH3uVXUFvOzNINzHgQ6EGEQxC0_VY3952zIG1qqQ0fFPSUSqoroNE0ygnHO6yACxA-7MhIpTkVxlGVy6Lok9Xz3HsLgnYYIzidaZbHo6o4fd8x7HAqOw5dKcYrtPoNsYE4m5M5QB48Qw3blH5zP1KHii6KyMLyh_vniosxvNKCEzZh-sun73bGmo1AD2lQqJ8dLavwOVmSjwbROUlY-SZnLgKl1OolsvVRv7S449A__ZvWRwySR_3TntyiZRGBNotLCBYdd9Lhf3hGUJHOzs3EtjcFsM3rBE7rp3JWYeQwG516VyhVOwb-FFCqBpZPciqIo_acqnaHxtgCcOHVc-kCANi30mepimbtwyi-2_IhG5nyg0OfibsLruq7cZ0HpU1YX5fll_POyjoa0btB14d_KePJENaWguZx0rbj7FVVOLSvtXgrW-dgOHi3BIU5n0gaidOP_s4Z9yVyZtZe2A9aRXFH4EeQPiT4WVOIzThnfvNGRFeyxFtTBoCcd10AvRLs4QXT5zdqgiaHhWEF8myVuvLowJp7mUhTsPX22LCrs0y8uWtakJb55wqytQKUJlH-HfTHBySaXJ5Z3aq_6lNOwwUlwvrKEpAqFkNFuEkyk3yzN4Rwq4ct34xd9PevimJoy6LiQejM7IxdNk7I3I8glkeVRZrdWqzDutRdqJoyD5-uGTZWPINqnqmhjrMIjKxYaCnk77g_BmMQ7EytjKh28WT9CMxyuiRwJjgta6FWGRojAZ9LYXPndJ9MfPErfB4778Ejpl98eV06xhotyGGszwLswnWR4HQO6yj1ioN5wn9iB6hL_PyTxqWRHpzYOOLeiPLj3e0RCq3CRKHVq6FzlKyozGNnm1G6LCOnmsxUHlivdtmzNsU0ylW0anNBSWTxhADKfA-cHCj_pjwz455Ks8ZGtY-GGOVFp3U07JTbekuuYPDDU3IAXcH0FzVzVf-IRYznOtOhlmvn3f4NirQPvA2Dz1jZuW7TxTQvnbLcvmctadXrRvlyapF2lW1SS2BpNVmUzydk6uaEv_1l8VcCz__dPoV_LpeulJjDHWRiUzRtxfjxPMX_GHKwr2Cb-VkCx3Ut0rt6fZxGDUcx3lTbAUfoNnLx4qMwUbcOeBAHE-x_-XOyFnsf467WG1E1_IeRP5XV5zlueKQQuk-I4fuRx_1UrCPjAm0cl08jRmOCZTIkcY7vKZSHTpISa0TpAbej7luKwvQV0zmivRMhJdPvly_kL3uIhEtvpv4--EM4O9ySLwlUD_PaYLP2IUkw&cid=CAQSPADICaaNd_-kVTrJr5bd7SRPa0B67x_VTnRtJK1XnXdcfe4iY0EFq2K2agAMSfzIhw2fYOGqEbjyXqaM0BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=5826132445747285000&adk=224573080&idt=164&cac=0&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c70324a0361fb1663960684b02c4924af5fd31d8a29c90e4d3d62d3f64f606ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38578
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnVIy_3JLUhq-pSh-HUab3TMt1Jm3RfBKziWx7JN_KHnA4AW-kQ6MtELnOr5A3xGa6qc3fwezPM0ggEok7YtGjMBMkdl7EqBmUowTfSRjIQ2TDdL7oV3utQ8bkUZVzXfrT0wwct8NJy-ziItWde08W7nOHAxF97U4hLgnQsSIDNI430XkVX2P2DCxeqHQPCg6NmDqXJCicuxM1T3U7ThqoZXDSFGKYqR2cH5_ry5OHp76TKV79LNkIfUs91U71ZqHaRzu8dwIiTi8kme_13XumSF1jKdGqzfae4kC4xvxA5WpOPp2cJqqf7b173rOM-pj4ub5tVvn6FMj7MvP2iVz7Egw679yCqXw&sai=AMfl-YShm1AWmGL1i85ksuwnP7bGtEjbZAzU4mOMh9bTIi2pn19fXPdAXV6euOMNHm1zfkFEdbguXxo_hgg4zG7OnxGzSdXSCe5Rswue4QJROdVh5K-xznPeSERqFzsi2vM&sig=Cg0ArKJSzIRhz3D4WNZHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 10:04:15 GMT
pixel
cm.g.doubleclick.net/ Frame 9B99
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1699...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 05 Nov 2023 10:04:15 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9B99
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1699178654908
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame 9B99
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1699178654908
  • https://sync.teads.tv/um?fp=1&eid=80&uid=4db5e908-fa87-402c-80d0-db8dc049adaf&gdpr=0
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=4db5e908-fa87-402c-80d0-db8dc049adaf&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Nov 2023 10:04:15 GMT
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=4db5e908-fa87-402c-80d0-db8dc049adaf&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1250571
content-length
0
expires
Sun, 05 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame 9B99
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/f6e093ab-4ea6-40df-83d5-94a87750e8e1?gdpr=0&_t=1699178654908
  • https://sync.teads.tv/um?eid=132&uid=y-sGmb_LJE2oTSHlI8GqYQ9mVPfs9slIxZ9L4-~A
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=132&uid=y-sGmb_LJE2oTSHlI8GqYQ9mVPfs9slIxZ9L4-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Nov 2023 10:04:15 GMT
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-sGmb_LJE2oTSHlI8GqYQ9mVPfs9slIxZ9L4-~A
content-length
0
/
loadm.exelator.com/load/ Frame 9B99
0
324 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=f6e093ab-4ea6-40df-83d5-94a87750e8e1_eu_ch&_t=1699178654908
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame 9B99
62 B
483 B
Image
General
Full URL
https://tags.bluekai.com/site/44858?id=f6e093ab-4ea6-40df-83d5-94a87750e8e1_eu_ch&limit=1&_t=1699178654908
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 05 Nov 2023 10:04:15 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 9B99
Redirect Chain
  • https://idsync.rlcdn.com/474599.gif?partner_uid=f6e093ab-4ea6-40df-83d5-94a87750e8e1_ch&_t=1699178654908
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJ2Y2ZTA5M2FiLTRlYTYtNDBkZi04M2Q1LTk0YTg3NzUwZThlMV9jaBAAGg0In9GdqgYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENogwEwHiD-3UkzeA1h7Cpc&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENogwEwHiD-3UkzeA1h7Cpc&google_cver=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENogwEwHiD-3UkzeA1h7Cpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 9B99
43 B
500 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=f6e093ab-4ea6-40df-83d5-94a87750e8e1_ch&_tid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&_t=1699178654908
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.144.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-144-148.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 9B99
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=f6e093ab-4ea6-40df-83d5-94a87750e8e1_ch&_t=1699178654908
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.252.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1699178655
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame 9B99
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=169917865...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=f6e093ab-4ea6-40df-83d5-94a87750e8e1
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=f6e093ab-4ea6-40df-83d5-94a87750e8e1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Server
54.77.209.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-209-136.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 10:04:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=f6e093ab-4ea6-40df-83d5-94a87750e8e1
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Sun, 05 Nov 2023 10:04:15 GMT
report
sync.teads.tv/um/ Frame 9B99
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=f6e093ab-4ea6-40df-83d5-94a87750e8e1&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjZlMDkzYWItNGVhNi00MGRmLTgzZDUtOTRhODc3NTBlOGUx
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&viewerId=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Nov 2023 10:04:15 GMT
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3D69
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lolb3kkd&c=954826590929&slotId=477413295464.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 05 Nov 2023 10:04:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
246762
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
202901
expires
0
rid
match.adsrvr.org/track/
63 B
418 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
381aa5fd7594c3bedfcc9cec6d5402075e44abb2d639e5f90088678547420b81

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 05 Dec 2023 10:04:15 GMT
isyn
prebid.a-mo.net/ Frame 3A5E
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 05 Nov 2023 10:04:14 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
checksync.php
contextual.media.net/ Frame E64B
24 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=99034
content-encoding
gzip
content-length
8515
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Mon, 06 Nov 2023 13:34:49 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
adpushup-d.openx.net/w/1.0/ Frame CD2B
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
748 B
Document
General
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e9472ca3ae802b7adb200b0220a6295f0415819a8837907225478c7bb0bc8d90

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
414
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 05 Nov 2023 10:04:15 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
/
csync.smilewanted.com/ Frame 1F45
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82144582b84d367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:15 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 86C3
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1699178651615
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 8A22
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:15 GMT
sync.html
public.servenobid.com/ Frame 97D2
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
83032
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 04 Nov 2023 11:00:24 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-id
8vbBzJE8yCj2ivl6JBCSWa0d_SgvU4Hryv4qLLZiLDm6sQJb_P1NSg==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 19B4
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1076
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8214458319272bad-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Sun, 05 Nov 2023 14:04:15 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE2F
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
469
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 05 Nov 2023 10:04:15 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
359, 4687
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230125-FRA
X-Timer
S1699178655.241133,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 6B84
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:15 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame A2B3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311010101&jk=2282710649184137&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
adx3.adform.net/adx/ Frame 3D69
0
544 B
XHR
General
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 3D69
156 B
186 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655210&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3D69
156 B
227 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&cust_params=mt_fln%3D1.5&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655223&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3D69
156 B
227 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&cust_params=mt_fln%3D1.3&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655226&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3D69
156 B
398 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655229&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3D69
156 B
186 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655232&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3D69
156 B
260 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&cust_params=mt_fln%3D0.8&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655242&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3D69
156 B
227 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=782887028694658&cust_params=target%3D0.5&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=056E087F-9047-4FDB-AB1B-F56490457EDB&nel=0&eid=44772139%2C44773332%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178655244&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=1167398804232879&ged=ve4_td7_tt1_pd7_la7000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6B84
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31164
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 46A0
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Nov 2024 19:53:23 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame B833
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Nov 2024 19:53:23 GMT
sd
us-u.openx.net/w/1.0/ Frame CD2B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=x3JSVMd_XwDccVFaw3VLU8cmUVXcJgIFl3NXDBSK
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=x3JSVMd_XwDccVFaw3VLU8cmUVXcJgIFl3NXDBSK
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=x3JSVMd_XwDccVFaw3VLU8cmUVXcJgIFl3NXDBSK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CD2B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4365169368219957760
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4365169368219957760
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4365169368219957760
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame CD2B
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=2ba68a0c-ab03-8755-9242-6784a2bd3d8e
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1XQS6MSFBRYGM9ARPZY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame CD2B
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7370f671-b7a9-3caf-524c-e513ca8ef66e&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame CD2B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWYxZjI1YmItN2VkZS02MjBiLTQ3YWMtYmZhYTAwNmMzODBl
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CD2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeEio8JEK0WJuseg2XSeZw&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeEio8JEK0WJuseg2XSeZw&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeEio8JEK0WJuseg2XSeZw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3DA1
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Nov 2023 12:29:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 3DA1
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9DsnOXrigTGPrwwtD5EiK94R6uftscUR2v0dGOj-ScCRyFFz1m3XKGREXPgMfRFlhm4ikdLXTQ3LuVMN6e2aJQS62DT2jP83myTC3xj8zdpq5rOMYO9oe7chFPuzeYImrImdOndQRWEINotijhiF62CsAtgRatYalMAVLcUzm8CYwVZnpGy4km_71c8omhcvWhCfC&cry=1&dbm_d=AKAmf-A1JKsxVERd6hwUVS3pDC_k9Jb3i4M1XbwhOln6bGtFLN_2plJ87tbLLJMWokCRVwSUt8s4a_nVG8_0nY7PVN0mPmBwXdWuKHhIp72V3VXhzEDOUedU2DcsPAtU_jv3Nw-ZiuXonJQB_T3b6bSvc14m2xLPSuBLi6gASnYBd34Sb40-bhCx4Lg7yQm-yRXIPewiKLMob6bq89l_FT4vtwSo52GAtESEFcOsGF48VT261JJRgAXz_1vahOUz4ro6Jcnrsen_Nlfypk5TCaqjhnFmA3bjzlnaIS-DIFPnowaxXp20oaSr3D5BN_yrta-yI_PtLOMz0kT5hmh7acq1GGscSB90Z9302EMjFPmOQH1nUGUdUbwvNeeZMf2QkKS7DV8dieWZdfn0BQgVLCywuihV-YPgnHMpAsGguWjRhR9HNAFI2vw1gh1nr9pUf6UP3UDol0FUV25hjxQXZ7hA8CuAYP8a2u2WR1LY4j1TED1as2FxqzeS-J9RYnw7oXYTUWzv5bUW6nxfNK3rLAoOX-KCYZDJQUEgBHx94vSJvPb8eOAtciv-oRocNocMKfHNmgIAPy_DrUKujSnvSI5FQxVVMCauTy5W8d2TFsLofoRuKfB4DhgeUO0_3fzzz5j1OmGNScD6zKaiVNZrVJm5ycbGofGW4Y_VwCaZkrNSxcLVKOKFQdu721jraI92qnRJ-_MXlilKJ6I57n5IKFA5zZ0CGW__iYyU-zWXrxEEelSrxKfhJlTbRAQWqJd44k3YzB9TWVoq_YxmzxtCWFbvqPgDfAUn1wiJo4IOQyc-SWKcsQ0JgecXf1jS1xtTAqrdnKOjBjv8P5JjII6DAlU7AG3UGfwB0kpq2st7cbtsx0L0Ml811JqRvpjyfVVfBHpc7m7e8D2-zH8LJUcSzVnSX4R-GQD3c1iy9BPMGn3TquINSHJ02NMVYcl9cKXtRvXuxsZBJAJ9FTrPW6FRVKrVzF5QfRSORl2WQk6W4eP0tIJxu9hzvIuPp1HBnRgEtr9Sa1OVXXERyP6JbZFTs6_3SEYakiATQYMixx5R6nLLsCWfDRjfugo0GgOQWifUijrdygr1wBAtUYLhF4R9TIxAiURDaPmXbQSFZvQ7zOpUQCXkKbIyYf3UrG49PbtuWZFxymwCDC_wIIodjrmVH4Zvq9jOZYkCRSrqD0iGLqWyDpUMnca8LKxxoGZIZcEbQr2SiHbmhfSc42cw6lkh9-wn1H6G1wGOj-UC524QvDqY0z0liU2XE8egX2wy-pR6mYkiQ64pM7xlBsvWQIUzKg0xbPZWt0NRMEGGqTFTGRkVbVX6EZl_IyE3wdO2sWCHCKoairBQvPwhJhWJSFuu2eMD5Wz4Q-yIF7kEwSjEXOxF1vXlxInhNr7gR1a1PFI8P8PJlD499w8DTS9894FXxNdnP9_JQhI_FQ4nZbdMepCVXkZn8SLQ9fO1AxQ5ncjhvM9Qnri1J33P9c3w0TRL4wo9jU5BconqzFP5u5HcMHkUhNWySGVuP68gMHgthnnPwJNlYsSWtehiWtjghOXZoPHVKJrbFNxZ0hBWsfvVElsBCJEX9RZqOY7KLKUOoz_tZNGauPS8btNq2D6CyWyPM4M3iSrAY4uHTi5_fAa2jsk16UK6AeY0fLGFsetyW1d_l5UbbdNoqZRSCFhcPjaVb_slWzEYlPO2kSrVdwmsKK7HR__iGbcn4nkEC-ks5m7sA5NakHyIfZo3n-vm6sxMabKeqcLYNpM5e-oyPz35wHHTZQR1hl5UHtllLfPiIkyTxQOZkWd2394bDRJIuOmyPsEpK7Vn2ckkTwzjPaBjKywMx1tGq_1eO1q74k9mWKvqbrGa9Ng7BTZxwfv6V7tNZ1Cd4SbW5p6CU3nxMos5M5M1loHlIAIGMfGhm6zxh9_2u2UaG2Jy9BNtZ9OC48GsugIe5THFpVUf2HmOg8xeFfkAOH4IyjV0wTi6pZ50zMjX-tdv9OpA8Z81uirxOIEGaKWJzLuR07n2_3Iyiv_9Hp-ClXmF96LP1XQlvb7yKqSSp2fuJtBFG_1NmSBY2F0nAyYo-NxbECj0mXNHcAksvaSSvVKNyEbSuV2_Ga1lBrXJl9TdoNHKw6RMoZTGo5QsyPw94tQ-8sEQ4h8q50dBqfga5s1YWz1F-Ab6GZbOEGucXXL5qhZ_luUBXBbPJb4d8wTzyeqFprFihY9BXLy4rnyMvvy9JpThaGATXdxH552OGyZI3vjlwbTUBWXcYeJ7vVa5GuwovKAyHJ-xyEo6jhmbKhyEdzfPoxWUPbrOT-kHV-7z6-Z2aoDSQ4I9DwwIZt4ypkNzTMUo5rXFhxL5FfcgOsb25ES06_hzqA5OFSE5rCRsO7yr9X1TYuLhlBu3cASGpMmvD51K9E7IwOdWPLa_kdnOgzOD7TXDGbSEe2ztadLJI5mxkk9Dcf5Z_SoCWdl7qD-czbUd0r4I3sPXLzbMGRdp8JAsbHrONi3Ou5ZElY1WYigzogcsNpvXMpHUXsk4koV6M3YEMTWsbsveJmN4ZaEb8r1cKARMPUdRpAXYUreqKmxEwYgnuHkGWwbi7f7mMDK82KFjUP2nLysywMtDhdKi-DJre-CJTxH3uVXUFvOzNINzHgQ6EGEQxC0_VY3952zIG1qqQ0fFPSUSqoroNE0ygnHO6yACxA-7MhIpTkVxlGVy6Lok9Xz3HsLgnYYIzidaZbHo6o4fd8x7HAqOw5dKcYrtPoNsYE4m5M5QB48Qw3blH5zP1KHii6KyMLyh_vniosxvNKCEzZh-sun73bGmo1AD2lQqJ8dLavwOVmSjwbROUlY-SZnLgKl1OolsvVRv7S449A__ZvWRwySR_3TntyiZRGBNotLCBYdd9Lhf3hGUJHOzs3EtjcFsM3rBE7rp3JWYeQwG516VyhVOwb-FFCqBpZPciqIo_acqnaHxtgCcOHVc-kCANi30mepimbtwyi-2_IhG5nyg0OfibsLruq7cZ0HpU1YX5fll_POyjoa0btB14d_KePJENaWguZx0rbj7FVVOLSvtXgrW-dgOHi3BIU5n0gaidOP_s4Z9yVyZtZe2A9aRXFH4EeQPiT4WVOIzThnfvNGRFeyxFtTBoCcd10AvRLs4QXT5zdqgiaHhWEF8myVuvLowJp7mUhTsPX22LCrs0y8uWtakJb55wqytQKUJlH-HfTHBySaXJ5Z3aq_6lNOwwUlwvrKEpAqFkNFuEkyk3yzN4Rwq4ct34xd9PevimJoy6LiQejM7IxdNk7I3I8glkeVRZrdWqzDutRdqJoyD5-uGTZWPINqnqmhjrMIjKxYaCnk77g_BmMQ7EytjKh28WT9CMxyuiRwJjgta6FWGRojAZ9LYXPndJ9MfPErfB4778Ejpl98eV06xhotyGGszwLswnWR4HQO6yj1ioN5wn9iB6hL_PyTxqWRHpzYOOLeiPLj3e0RCq3CRKHVq6FzlKyozGNnm1G6LCOnmsxUHlivdtmzNsU0ylW0anNBSWTxhADKfA-cHCj_pjwz455Ks8ZGtY-GGOVFp3U07JTbekuuYPDDU3IAXcH0FzVzVf-IRYznOtOhlmvn3f4NirQPvA2Dz1jZuW7TxTQvnbLcvmctadXrRvlyapF2lW1SS2BpNVmUzydk6uaEv_1l8VcCz__dPoV_LpeulJjDHWRiUzRtxfjxPMX_GHKwr2Cb-VkCx3Ut0rt6fZxGDUcx3lTbAUfoNnLx4qMwUbcOeBAHE-x_-XOyFnsf467WG1E1_IeRP5XV5zlueKQQuk-I4fuRx_1UrCPjAm0cl08jRmOCZTIkcY7vKZSHTpISa0TpAbej7luKwvQV0zmivRMhJdPvly_kL3uIhEtvpv4--EM4O9ySLwlUD_PaYLP2IUkw&cid=CAQSPADICaaNd_-kVTrJr5bd7SRPa0B67x_VTnRtJK1XnXdcfe4iY0EFq2K2agAMSfzIhw2fYOGqEbjyXqaM0BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=5826132445747285000&adk=224573080&idt=164&cac=0&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
52794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:24:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 3DA1
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9DsnOXrigTGPrwwtD5EiK94R6uftscUR2v0dGOj-ScCRyFFz1m3XKGREXPgMfRFlhm4ikdLXTQ3LuVMN6e2aJQS62DT2jP83myTC3xj8zdpq5rOMYO9oe7chFPuzeYImrImdOndQRWEINotijhiF62CsAtgRatYalMAVLcUzm8CYwVZnpGy4km_71c8omhcvWhCfC&cry=1&dbm_d=AKAmf-A1JKsxVERd6hwUVS3pDC_k9Jb3i4M1XbwhOln6bGtFLN_2plJ87tbLLJMWokCRVwSUt8s4a_nVG8_0nY7PVN0mPmBwXdWuKHhIp72V3VXhzEDOUedU2DcsPAtU_jv3Nw-ZiuXonJQB_T3b6bSvc14m2xLPSuBLi6gASnYBd34Sb40-bhCx4Lg7yQm-yRXIPewiKLMob6bq89l_FT4vtwSo52GAtESEFcOsGF48VT261JJRgAXz_1vahOUz4ro6Jcnrsen_Nlfypk5TCaqjhnFmA3bjzlnaIS-DIFPnowaxXp20oaSr3D5BN_yrta-yI_PtLOMz0kT5hmh7acq1GGscSB90Z9302EMjFPmOQH1nUGUdUbwvNeeZMf2QkKS7DV8dieWZdfn0BQgVLCywuihV-YPgnHMpAsGguWjRhR9HNAFI2vw1gh1nr9pUf6UP3UDol0FUV25hjxQXZ7hA8CuAYP8a2u2WR1LY4j1TED1as2FxqzeS-J9RYnw7oXYTUWzv5bUW6nxfNK3rLAoOX-KCYZDJQUEgBHx94vSJvPb8eOAtciv-oRocNocMKfHNmgIAPy_DrUKujSnvSI5FQxVVMCauTy5W8d2TFsLofoRuKfB4DhgeUO0_3fzzz5j1OmGNScD6zKaiVNZrVJm5ycbGofGW4Y_VwCaZkrNSxcLVKOKFQdu721jraI92qnRJ-_MXlilKJ6I57n5IKFA5zZ0CGW__iYyU-zWXrxEEelSrxKfhJlTbRAQWqJd44k3YzB9TWVoq_YxmzxtCWFbvqPgDfAUn1wiJo4IOQyc-SWKcsQ0JgecXf1jS1xtTAqrdnKOjBjv8P5JjII6DAlU7AG3UGfwB0kpq2st7cbtsx0L0Ml811JqRvpjyfVVfBHpc7m7e8D2-zH8LJUcSzVnSX4R-GQD3c1iy9BPMGn3TquINSHJ02NMVYcl9cKXtRvXuxsZBJAJ9FTrPW6FRVKrVzF5QfRSORl2WQk6W4eP0tIJxu9hzvIuPp1HBnRgEtr9Sa1OVXXERyP6JbZFTs6_3SEYakiATQYMixx5R6nLLsCWfDRjfugo0GgOQWifUijrdygr1wBAtUYLhF4R9TIxAiURDaPmXbQSFZvQ7zOpUQCXkKbIyYf3UrG49PbtuWZFxymwCDC_wIIodjrmVH4Zvq9jOZYkCRSrqD0iGLqWyDpUMnca8LKxxoGZIZcEbQr2SiHbmhfSc42cw6lkh9-wn1H6G1wGOj-UC524QvDqY0z0liU2XE8egX2wy-pR6mYkiQ64pM7xlBsvWQIUzKg0xbPZWt0NRMEGGqTFTGRkVbVX6EZl_IyE3wdO2sWCHCKoairBQvPwhJhWJSFuu2eMD5Wz4Q-yIF7kEwSjEXOxF1vXlxInhNr7gR1a1PFI8P8PJlD499w8DTS9894FXxNdnP9_JQhI_FQ4nZbdMepCVXkZn8SLQ9fO1AxQ5ncjhvM9Qnri1J33P9c3w0TRL4wo9jU5BconqzFP5u5HcMHkUhNWySGVuP68gMHgthnnPwJNlYsSWtehiWtjghOXZoPHVKJrbFNxZ0hBWsfvVElsBCJEX9RZqOY7KLKUOoz_tZNGauPS8btNq2D6CyWyPM4M3iSrAY4uHTi5_fAa2jsk16UK6AeY0fLGFsetyW1d_l5UbbdNoqZRSCFhcPjaVb_slWzEYlPO2kSrVdwmsKK7HR__iGbcn4nkEC-ks5m7sA5NakHyIfZo3n-vm6sxMabKeqcLYNpM5e-oyPz35wHHTZQR1hl5UHtllLfPiIkyTxQOZkWd2394bDRJIuOmyPsEpK7Vn2ckkTwzjPaBjKywMx1tGq_1eO1q74k9mWKvqbrGa9Ng7BTZxwfv6V7tNZ1Cd4SbW5p6CU3nxMos5M5M1loHlIAIGMfGhm6zxh9_2u2UaG2Jy9BNtZ9OC48GsugIe5THFpVUf2HmOg8xeFfkAOH4IyjV0wTi6pZ50zMjX-tdv9OpA8Z81uirxOIEGaKWJzLuR07n2_3Iyiv_9Hp-ClXmF96LP1XQlvb7yKqSSp2fuJtBFG_1NmSBY2F0nAyYo-NxbECj0mXNHcAksvaSSvVKNyEbSuV2_Ga1lBrXJl9TdoNHKw6RMoZTGo5QsyPw94tQ-8sEQ4h8q50dBqfga5s1YWz1F-Ab6GZbOEGucXXL5qhZ_luUBXBbPJb4d8wTzyeqFprFihY9BXLy4rnyMvvy9JpThaGATXdxH552OGyZI3vjlwbTUBWXcYeJ7vVa5GuwovKAyHJ-xyEo6jhmbKhyEdzfPoxWUPbrOT-kHV-7z6-Z2aoDSQ4I9DwwIZt4ypkNzTMUo5rXFhxL5FfcgOsb25ES06_hzqA5OFSE5rCRsO7yr9X1TYuLhlBu3cASGpMmvD51K9E7IwOdWPLa_kdnOgzOD7TXDGbSEe2ztadLJI5mxkk9Dcf5Z_SoCWdl7qD-czbUd0r4I3sPXLzbMGRdp8JAsbHrONi3Ou5ZElY1WYigzogcsNpvXMpHUXsk4koV6M3YEMTWsbsveJmN4ZaEb8r1cKARMPUdRpAXYUreqKmxEwYgnuHkGWwbi7f7mMDK82KFjUP2nLysywMtDhdKi-DJre-CJTxH3uVXUFvOzNINzHgQ6EGEQxC0_VY3952zIG1qqQ0fFPSUSqoroNE0ygnHO6yACxA-7MhIpTkVxlGVy6Lok9Xz3HsLgnYYIzidaZbHo6o4fd8x7HAqOw5dKcYrtPoNsYE4m5M5QB48Qw3blH5zP1KHii6KyMLyh_vniosxvNKCEzZh-sun73bGmo1AD2lQqJ8dLavwOVmSjwbROUlY-SZnLgKl1OolsvVRv7S449A__ZvWRwySR_3TntyiZRGBNotLCBYdd9Lhf3hGUJHOzs3EtjcFsM3rBE7rp3JWYeQwG516VyhVOwb-FFCqBpZPciqIo_acqnaHxtgCcOHVc-kCANi30mepimbtwyi-2_IhG5nyg0OfibsLruq7cZ0HpU1YX5fll_POyjoa0btB14d_KePJENaWguZx0rbj7FVVOLSvtXgrW-dgOHi3BIU5n0gaidOP_s4Z9yVyZtZe2A9aRXFH4EeQPiT4WVOIzThnfvNGRFeyxFtTBoCcd10AvRLs4QXT5zdqgiaHhWEF8myVuvLowJp7mUhTsPX22LCrs0y8uWtakJb55wqytQKUJlH-HfTHBySaXJ5Z3aq_6lNOwwUlwvrKEpAqFkNFuEkyk3yzN4Rwq4ct34xd9PevimJoy6LiQejM7IxdNk7I3I8glkeVRZrdWqzDutRdqJoyD5-uGTZWPINqnqmhjrMIjKxYaCnk77g_BmMQ7EytjKh28WT9CMxyuiRwJjgta6FWGRojAZ9LYXPndJ9MfPErfB4778Ejpl98eV06xhotyGGszwLswnWR4HQO6yj1ioN5wn9iB6hL_PyTxqWRHpzYOOLeiPLj3e0RCq3CRKHVq6FzlKyozGNnm1G6LCOnmsxUHlivdtmzNsU0ylW0anNBSWTxhADKfA-cHCj_pjwz455Ks8ZGtY-GGOVFp3U07JTbekuuYPDDU3IAXcH0FzVzVf-IRYznOtOhlmvn3f4NirQPvA2Dz1jZuW7TxTQvnbLcvmctadXrRvlyapF2lW1SS2BpNVmUzydk6uaEv_1l8VcCz__dPoV_LpeulJjDHWRiUzRtxfjxPMX_GHKwr2Cb-VkCx3Ut0rt6fZxGDUcx3lTbAUfoNnLx4qMwUbcOeBAHE-x_-XOyFnsf467WG1E1_IeRP5XV5zlueKQQuk-I4fuRx_1UrCPjAm0cl08jRmOCZTIkcY7vKZSHTpISa0TpAbej7luKwvQV0zmivRMhJdPvly_kL3uIhEtvpv4--EM4O9ySLwlUD_PaYLP2IUkw&cid=CAQSPADICaaNd_-kVTrJr5bd7SRPa0B67x_VTnRtJK1XnXdcfe4iY0EFq2K2agAMSfzIhw2fYOGqEbjyXqaM0BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=5826132445747285000&adk=224573080&idt=164&cac=0&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
52573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:28:02 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3DA1
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
286909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 45C5
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
27728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Mon, 06 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3DA1
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ffb8aea2ec470a79c8992da90c79e4a1c1fd7b2c46abb3a6dbce67cba5c5e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 4FE1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e490e0f3454ceb326e82465b930bdfebdd0b124ea4cbea540f81c78db790257

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82144584cee14da2-FRA
content-encoding
br
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy1mlutpcD%2BUAZdJCA8Xl9ehKIrr4thCqG8o2cipY1G2G77PcvUQ1k9ldaGymsjFq%2Bz6zCVQqx8GSorrYjmsW5f9aYGvVAOsAi7tXuQzKwUdYN0fvbiywFgHOpezhrwRM9kNYl8US9rukw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame EEBC
3 KB
1 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39b05f810dadf5060c7b3169cc159bae45b7dd24f5ef7c84a26ad773111b978e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 05 Nov 2023 10:04:15 GMT
etag
W/"0ca081bc78ba35e9d432ccede317dc43d"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 50E0
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 7372
735 B
939 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
46ccca22f2d226d821e3b8462717e36dd5cf7342c1e48bae21622f59c8f63cac

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
735
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 632D
2 KB
822 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e209b170cae20dae0c0c8ef1192307cc06a5384086414bc543608d2d149f26ed

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82144584def84da2-FRA
content-encoding
br
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLBBT1eMkqgi5k9GS6mtPjMibd8cNwpd5S%2B%2BnplDN9FHMtSSDdrbq4qOwnTj%2FmtYBmdYv55i%2F2cqoS0V6ip8BH8v8ZanCGsiY4ye0KXii41Ko9V0w0UvJir0b1Oj4Y%2F0r9RRI8pTTvbddw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CA40
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:15 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 05 Nov 2023 10:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B131
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108019
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Mon, 06 Nov 2023 16:04:34 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 31AF
1 KB
1 KB
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4674fe542fd0aefd56811a0f617cb85d94dc9412761adbc6afd080b76e7253d4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
x-amz-cf-id
WJjHRuBDlscWhNhHhSxmopo3V9H3VPHKtxdV8yjqRG671sRmy1qwHg==
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
user-sync
sync.adkernel.com/ Frame 576C
0
160 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 05 Nov 2023 10:04:15 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3B33
557 B
1011 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.198.150.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-150-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
a7442146a665b846ad4f03a05013db468e4386b2cd9d3312b059112b69207bd9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=560559417966471935
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=560559417966471935
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
725fb938-11c5-4fd0-950a-f094ba1887f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=560559417966471935
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HmtcqRZHKKxQCNToSiG04FzE
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HmtcqRZHKKxQCNToSiG04FzE
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HmtcqRZHKKxQCNToSiG04FzE
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 97D2
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Nov 2023 10:04:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699178655585
  • https://ad.turn.com/r/cs?pid=45&rndcb=3196418144
  • https://sync.1rx.io/usersync/turn/4470852050763024163?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
0
361 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX84e9c038cef94c6f87ce1ad858e38c07003
content-type
text/html
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433830802584029
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433830802584029
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433830802584029
Date
Sun, 05 Nov 2023 10:04:15 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=ee84a77e-fd3b-4db3-be70-13cc9f522369
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=332&uid=ee84a77e-fd3b-4db3-be70-13cc9f522369
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-29
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=ee84a77e-fd3b-4db3-be70-13cc9f522369
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
  • https://ssp.disqus.com/match?bidder=31&buyeruid=cc0176d1-73d9-45a1-8cfb-4e8656e422ad&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=b98c64b4-2318-4e71-ac8e-78d7b159c759&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 97D2
0
34 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
sync
ads.servenobid.com/ Frame 97D2
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 05 Nov 2023 10:04:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 05 Nov 2023 10:04:15 GMT
csi
csi.gstatic.com/ Frame 3D69
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lolb3l9o&c=954826590929&slotId=477413295464.5&ghmsh_eids=44772139%2C44773332%2C44777649%2C44781409%2C44802463
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 1F45
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1996972
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
821445853b3a367e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame DE2F
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
a0dd8309-4c2e-49f2-83b2-12dbf8fa8e98
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rs
ad4m.at/ Frame 0952
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816ca840bdc590fdfab455bd69948ab35606da38837ff60c39990d4cf9c9f633

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQjOJRPcUug0jiMKDl3F0Ts%2F0L4xVaQbJQngEKSUFvK4656nIyPLMlyf7w5felvwcVWYjQvn42N0Adn46uXw4y6XUYRj0%2FF1lkk0mKtPdwikKw9g7x%2BwL0TxAuXpkz47shceBEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
82144585bf956aba-FRA
x-backend-server
aa-reachservice-group-europe-west1-mrt1
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
821445856f4e6aba-FRA
content-length
24
content-type
text/plain
date
Sun, 05 Nov 2023 10:04:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HPNQsSqx%2B%2BHUoJIhKDVvVv9%2Be3nJ%2BYfxauRhH%2Fcm3Ug4JH%2FLbrDUsZfcqmHz4L7tCvdLfnc78Fwy%2B%2BOj2tN7YS2x22bzOmyGPFHzyFJjE6LFCuu8%2F%2BxZsJrDPiRDur7PxSbzCs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-mrt1
csi
csi.gstatic.com/ Frame 3D69
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lolb3lm3&c=954826590929&slotId=477413295464.5&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
175 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 0952
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWkLfATSmwUDiUb_eICnmKIR3sNK0yhwGIcA_oTEX1VmiEQEWEOpMEnyV9ydQ7BS6N8ejdKZ0m_NldxW6bQl3GB0ZPXYfSNpkRe2JDfLXPYlwqYCP5W_JVF4aSfL4yAn0UHs6kQkUacQ&sig=Cg0ArKJSzP4t3GoJMjaUEAE&id=lidar2&mcvt=1071&p=1110,436,1200,1164&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699178653391&rpt=1090&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4FE1
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
480429.gif
idsync.rlcdn.com/ Frame 4FE1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2c2c3258a0594f498d5db7e54094b2f3
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4110564080573384483
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d12ef3ac-66ad-4b52-9145-5ccc59f92f97
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830802584029&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&_=1699178656.8619092
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEGqroRpiC2vvXA3F3Vz6U4o&google_cver=1
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGqroRpiC2vvXA3F3Vz6U4o&action=GET_ID&etid=&domid=1052
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=560559417966471935&opid=apx&ops=&utidl=tech:goo:CAESEGqroRpiC2vvXA3F3Vz6U4o&action=GET_ID&etid=&domid=1052
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52943064419
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52943064419
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52943064419
date
Sun, 05 Nov 2023 10:04:17 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 4FE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB1d2VUT6SM3aANh6KDmFp8&google_cver=1
43 B
740 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB1d2VUT6SM3aANh6KDmFp8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Bx5LmNNCCfKXxsMzvAFU%2FjGZ1v5tCSJhKZlQZNgXH4iyQxh6CZC1Q3TxAf8dVosFR3EwDh%2Fp0%2F4WTPeC%2Fao2vY2OOTjEz5rNSKXO32qp1FmuMlsVVY%2F%2BAExnVaBTl4i4w1Ek7%2FVuVvJjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82144585fee81cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB1d2VUT6SM3aANh6KDmFp8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4FE1
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TT126M3FVWY31NS5MCC6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FE1
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714903455&external_user_id=05eced64-5c38-459c-915a-1c5b8cf23521
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714903455&external_user_id=05eced64-5c38-459c-915a-1c5b8cf23521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcnqfY2Hf4%2FGpJDbwr%2B2OH9bWPpvpCvydSbfIhO83oR3OAfeP7EF7fZd8l94FTA7IzFswJ4NORb5%2FuqXLRIkkt0ax6n4gX56vTlRAhAScc7F8V4lVxGNfRaQ56I9IZTxzxEOlnmC5%2FSYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821445870fdc1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714903455&external_user_id=05eced64-5c38-459c-915a-1c5b8cf23521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 4FE1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbfCHpIcdWH5nbkkjdOutSsCsAt3n%2FthJiwoe2%2B7fTpVf3MaBhV5ydjAFUR71QJxf1D1xFmn%2BzZGMV%2FvDELRFiP4vQdOa4l1pZvHZlvB7bjBMUNUCXaeHLwuFjUs2nInm8jTM9bl1ikTHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8214458728001cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0876b9bf50f8ab74e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FE1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=560559417966471935
43 B
740 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=560559417966471935
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSw3O%2F1mCJd3VImzNwx%2FRbAImpYU0vrrDqv5GWZKhVF85cUlLtYsYnZZBuiPQ57ruIpxeMpXzXcyEwX155nuG%2Bu5Rd7J2bETp8C%2BegbV1OqfyLUBb%2BLp7vVhQSo9jMP4H%2FRSHW3fv%2FaBgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821445860f021cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
6d93444a-105a-4213-8ba7-1d004d57819a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=560559417966471935
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FE1
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699b21352ab2w1xez00lolb3mgv
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699b21352ab2w1xez00lolb3mgv
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCc6H1RBcm1DseBl3eqr%2Bx3GZiGFi%2F65iOUg2jR799F20MHlEa%2F8%2BYQhDOqeawBCGNIzg7kQCf40W4DHaN7ZKcIFJwbNXxt63D9QrAl3EO14%2FjXgpKvLq15ArSwCBU5ztTmPBrCg%2BBtcSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8214458cbcaa1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 05 Nov 2023 10:04:16 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699b21352ab2w1xez00lolb3mgv
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4FE1
43 B
229 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZUdonnUBhaXLGOaTV5j8PwAA%263211
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
29925
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82144585ec2d2bad-FRA
content-length
43
expires
Mon, 06 Nov 2023 10:04:15 GMT
52154.gif
idsync.rlcdn.com/ Frame 632D
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUdonnUBhaXLGOaTV5j8PwAA%263211&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d12ef3ac66ad4b5291455ccc59f92f97
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d12ef3ac-66ad-4b52-9145-5ccc59f92f97
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82db-4d20aa85...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433830802584029&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dddcafca0-5d07-4d4b-82...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ddcafca0-5d07-4d4b-82db-4d20aa85a87c%3A1699178656.653733&_=1699178656.6580637
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=560559417966471935
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=560559417966471935
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
an-x-request-uuid
3a9e9b7e-7642-4d54-bf03-bb5dd1c7e368
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=560559417966471935
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 632D
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 632D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=efqjL3n3rnti-aAhff26KHmuoC5irvN-Kfs1hvYT
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=efqjL3n3rnti-aAhff26KHmuoC5irvN-Kfs1hvYT
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BMsguZWrkk6BFM6mgXIZNe2yEILwEdrq2l%2FhPSXXO6WuUZWC9lr4fiNTcqKED3ZYr6Pgwz16f2yAb0DrISjZZF4HEw3utCoPmRnsLOnQWJrZJD1Iyk0ZeO9rWIgdXN69gElfRGsYu4Qtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82144585eedd1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=efqjL3n3rnti-aAhff26KHmuoC5irvN-Kfs1hvYT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 632D
43 B
699 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-203.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1699178655753081-372
Expires
Sun, 05 Nov 2023 10:04:15 GMT
crum
dsum-sec.casalemedia.com/ Frame 632D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=921275781204401352&gdpr=0&gdpr_consent=
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=921275781204401352&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MksFrSWzgsUweUNbFAaTRMCMEBeCnzSgfoTmK%2BAQ6ima1k%2BixJmIDcl3LLv7ULrAhHF0iMvKvpeZjkU%2FcqTGg4n9y3pE2LeW2Q%2BwMd%2FAWxJ7Obz9zyStsmKuAGDS3J2XQkklS8qWaQNd6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821445865f541cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=921275781204401352&gdpr=0&gdpr_consent=
date
Sun, 05 Nov 2023 10:04:15 GMT
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 632D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4110564080573384483
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4110564080573384483
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5P1R1piWTP%2BrQGdxGB4eXALW1q0UsLzlq%2Bclh9CmIL2lT6fu8OqLTTnVaQTx2sL9sXxPe36IdXdjm0OElLMJ1Kwo63cRYV5xGZ1TnpJ71VKjWsXbFEnAKMO99w%2Bo3%2BvGxlNNy1zF1F9lA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82144586af8c1cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4110564080573384483
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 632D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYHE7KjtEAABi-8U8OSA&expiration=1700388255
43 B
730 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYHE7KjtEAABi-8U8OSA&expiration=1700388255
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fiumcj4dvtssR82IXAxSjgUp1D8JIVlmnFqXp1OI7prAl4xinvsSPIvyGm01WHmSQ5WmNjRqGDYy6v%2Fw6jocTstiRtLe1XnDKi9gJkSs0ckhScQ4Mzm51JE4SgR9TKVFus7aB6J8tZb8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821445863f281cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYHE7KjtEAABi-8U8OSA&expiration=1700388255
Date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 632D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
43 B
739 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVKuP8fI%2Bd5pF8J8CDXFn6S53Pj%2F7RCiUkxZjV%2Bw9sDK0enHQ%2By2flBvHpzN5TgZZW58BtGP9uYDUzp9qVzk%2FpHlObxpk9AWvS6jxLmPrvTO0o1%2FaRToEp4VgtfrxjpudohBPGbAAiT%2FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8214458728011cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0de411db0dbb18bd6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=D0oqKbBL1QZzZl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 632D
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame CA40
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31164
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
i.match
s.tribalfusion.com/z/ Frame 45C5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKA...
43 B
449 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
821445880e982c77-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
70
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ-y_Mf4-rO0YTAefIsHfU&google_cver=1&google_push=AXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTysViSRitCZI4fr-sR_orFt39gVlxqB2wu0CLPzufh3SFw6_SnHy1fXBEBprT7JcUow4obuSq5tlWxyNOna85g5opDWKAW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
821445869da72c77-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPAPuLd5wJxXsXQa6y_EgXg&google_cver=1&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT6DwJUoG7e0yXT
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A733B80763334980A73B8DC23A3A4730&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A733B80763334980A73B8DC23A3A4730&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT6DwJUoG7e0yXT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A733B80763334980A73B8DC23A3A4730&google_push=AXcoOmRFxwoEBI6k7Au49eHVfoJZGMIqO1F1oxZfof4mG2Db-gIyt2UQk8d1CG78-9iMSrV5yEd9M7awW3-RlKT6DwJUoG7e0yXT
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 04 Nov 2023 10:04:15 GMT
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSajG...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Spo-U8phM_zx72OuPtlBx4yMk-MTI_htdnsYAg&google_push=AXcoOmSajGVVg7q3wAaXcGsSycGYDGPf2ReeXb4dWo5rNlZ-BAJ4wDJsxh1KHCvMDemmxCWFFyIvhcYh9tVG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Spo-U8phM_zx72OuPtlBx4yMk-MTI_htdnsYAg&google_push=AXcoOmSajGVVg7q3wAaXcGsSycGYDGPf2ReeXb4dWo5rNlZ-BAJ4wDJsxh1KHCvMDemmxCWFFyIvhcYh9tVG2TlZTPUCKaI8IWHG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Spo-U8phM_zx72OuPtlBx4yMk-MTI_htdnsYAg&google_push=AXcoOmSajGVVg7q3wAaXcGsSycGYDGPf2ReeXb4dWo5rNlZ-BAJ4wDJsxh1KHCvMDemmxCWFFyIvhcYh9tVG2TlZTPUCKaI8IWHG
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1393648
content-length
0
expires
Sun, 05 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEUn-wVcEO_xDQ9cZHAPW0c&google_cver=1&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8&google_hm=rCZ8TR4vhYG0OKmkGZfM1A==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8&google_hm=rCZ8TR4vhYG0OKmkGZfM1A==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSfd-HyKAa5Ar3Pa-hzK9XcflIDzYYjaoebrqYPbl9e5rpejIIqoQgR6xtrcTS091bv0h0nyqfAnSMEa2U4ps-hn4yaKjf8&google_hm=rCZ8TR4vhYG0OKmkGZfM1A==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELndfQ2agZw0Ga1bZDCWZd8&google_cver=1&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELndfQ2agZw0Ga1bZDCWZd8&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o&google_hm=N2VzYVF0X1JVYjQtTUhN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o&google_hm=N2VzYVF0X1JVYjQtTUhNcldweVk=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQmeOI57Iz6Ah3sw7KKne8bMEvNW3L5D-30mOD26j1AHf8Qk5iV1WVaABhnfukiitFKoKq4Ea_1OhkFU1znI5Is6rE9mk6o&google_hm=N2VzYVF0X1JVYjQtTUhNcldweVk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGBX-ytYY4z_K_M4o6T20aM&google_cver=1&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk3...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1S6dFtTSV3lGVnbORI-b58POaYM&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1S6dFtTSV3lGVnbORI-b58POaYM&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk3Zpi2Q7uAed9yt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1S6dFtTSV3lGVnbORI-b58POaYM&google_push=AXcoOmSWJOpejF06H824DNP2jfjB_hHWUxWcInNl2yKUaYnUEAMKFYKDooATyFmNPXiKOuTACsOQBnbyqOoItk3Zpi2Q7uAed9yt
Date
Sun, 05 Nov 2023 10:04:16 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 45C5
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yG...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yGXQ6q5AwMFyadR82w&google_hm=b98c64b4-2318-4e71-ac8e...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yGXQ6q5AwMFyadR82w&google_hm=b98c64b4-2318-4e71-ac8e-78d7b159c759
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-222
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmS1oaTgA8Fn7dEZzNp2AnKjczaumr2Ltl-a26AA3GVt1SfIJRzjTEksxtZY1164UYJ_SmrFyqI_yGXQ6q5AwMFyadR82w&google_hm=b98c64b4-2318-4e71-ac8e-78d7b159c759
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 45C5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAiqXSx5UWGdA6LUNp2XlUN05WomgfKjnXDDFDY9tnhhuWeTziH_jyitN_f_ChlHF1Nq9F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1699178654&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699178652194&bpp=1005&bdt=1592&idt=1828&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&cookie=ID%3Dfb45440c89c66303%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MYHs77w67NTCZJSNaHZFsXjXTJ_sg&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&correlator=954826590929&frm=23&ife=1&pv=2&ga_vid=1267633721.1699178649&ga_sid=1699178654&ga_hid=428456046&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1665&biw=1600&bih=1200&isw=336&ish=280&ifk=1779078654&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079347%2C44801484%2C44807047%2C44807337%2C44807455%2C31078301%2C31079356&oid=2&pvsid=1677794651560201&tmod=1645613722&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dbtrq959snvt&btvi=1&fsb=1&dtd=1857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 3D69
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lolb3ln2&c=954826590929&slotId=477413295464.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=560559417966471935
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=560559417966471935
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
an-x-request-uuid
f061c46b-cb0b-45de-b964-1b7a4f39d2c6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=560559417966471935
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5d08d8d6-4b6d-427f-ae3e-d81152dc9be0&expires=1&user_group=2&ssp=gumgum2&bsw_param=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&us_privacy=
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=844d5201-9fbc-04f9-3537-f5fe02def728
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=844d5201-9fbc-04f9-3537-f5fe02def728
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=844d5201-9fbc-04f9-3537-f5fe02def728
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Date
Sun, 05 Nov 2023 10:04:16 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-lQB.V8NE2pcX1HCeRs2JJgHne6FMsNY_fBen~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-lQB.V8NE2pcX1HCeRs2JJgHne6FMsNY_fBen~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-lQB.V8NE2pcX1HCeRs2JJgHne6FMsNY_fBen~A
content-length
0
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=45d183f6-784b-4200-92b5-c2dd62722804
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=45d183f6-784b-4200-92b5-c2dd62722804
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=45d183f6-784b-4200-92b5-c2dd62722804
Date
Sun, 05 Nov 2023 10:04:15 GMT
Connection
keep-alive
X-CI-RTID
8d64e342-c404-4383-8d61-00bd8583d7a6
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame EEBC
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=7esaQt_RUb4-MHMrWpyY&gdpr=0&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=7esaQt_RUb4-MHMrWpyY&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=7esaQt_RUb4-MHMrWpyY&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=9NxgOBg7r0Qm&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=9NxgOBg7r0Qm&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=9NxgOBg7r0Qm&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-wk6fk
expires
-1
usersync
usersync.gumgum.com/ Frame EEBC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=921275781204401352
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=921275781204401352
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=921275781204401352
date
Sun, 05 Nov 2023 10:04:15 GMT
content-length
0
sync
ads.servenobid.com/ Frame EEBC
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_0c73a63a-8ab1-4d61-bb45-1cebd797f345
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
index.html
s0.2mdn.net/sadbundle/17797787773815615088/ Frame 6742
98 KB
22 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/17797787773815615088/index.html?e=69&leftOffset=0&topOffset=0&c=hqo7bnTee7&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b8aaffc92f26b686726acbe71d3fdd75b115c3a3908d86c77b1764a1a60adaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Mon, 04 Nov 2024 10:04:15 GMT
last-modified
Wed, 25 Oct 2023 14:06:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVIBnnjeIoNeEp4RJDr9y2gC2DJbCkB_YjXVgdAwambjjX0wPkXPWutY_T8_6Foeb7JVMEf-hkeS7Xvt-LaA7yQ3elwNGq6IabVim1AgHc9-CtiSQm2bo_p1yRuJg8DaHgvO8DzxSTSSTjFvAyYw_rcLVfRSgx5KF614VWj-r0EeE2aKTifrk-d2TdLYxXOhCbr1Cv34n731fi5W0sPrCY1C_w5hbI6gycWVeiRm4bPS7ZUxcKx__TjLSmrCd0aZZpilKsG2SCpE1AIEMoqBCynFzXkvjtxkp3E4b_9sDnqJWb-ZqdG1LkQDT0K4Rz7qv4JqR-Lt3pIohYKX3P5VEAFzpSpIVdxZlVZaiNbEfXq9tuhde67rKRof5Avba_hPQJZcjkBeBHnYm97102dhqwVQO0EjhoGJoDKYVZ_RML_DWnaN9y86S9oUcJE55FEGKxn-xPM58txWD06U9qCYqD2qJtctjLu3wuc9GydJzr_8WLDLqOGD6MTVjAEQLWb_8TpfZqrCH27gsQIRYlWVssEEG5xil--m3qqKLjn_sYyJ1JSxS2_evkQyGecteQh5jZkNnj4Zcut7SiaC5RAMnzP9lt7NKRP0NPOuG66WEY8DUKbmvbDM2OoUaRp9MnrTQ1vuuZMWcMj7ZcbSpqBREyT2MUnFdYT9JDBFfPEgYFSE3-e-2vqWVBC6SlRcjrQjtF-x7MRCTwtITrupQkzjnZOWxBE3JC9Df9cknZyQaQoGmt0JqvHA5SouhGWl3V1rz0QJPHY-x22149i56OJXvJ1fgifAJcYGcBfGSCGKtOEYDRJ0dT8ubnGudQHmwRE4AU1RotHIBW75C4wopeAZ24vJCZtIPWZpAJ2b64kN8uP8jVqsq_fWD9N-oUPFttsRxR9Z5B7ZbAbtJF4FLjNHos2bNkaSYnoez4K_nLsPDsmNHAorwDk99E85ScCyorZzAR_yPcVqjjunT6Tt6smm8pvpagX6_CEgQrkFqbhi02Xx6Kai_a_vyE9WCE3yXQLyQuOvaIIyickg7bS6EqAahOy1ExbNDd_7g2u322jliC-FVONbfZQA5hPGeeRmtYWdn6NxLQYbh23LxZ-vGTaMPJucgfB0fgrvnf2p87QFPKFbhrBRG5XO1ay-dZWLhfFkyXVE0JUsaUjroOdSFLz88omqbYcAJ3AAy2HzDDSJxy61ROUq1GJxasdnfvj_P6xQwsEuDUeDLkedT1hdw82Qg3FCS6nI7caC0nu-MDqTdUPWWA9labGibJfR8ZkAuqXO6G0pBjPg&sai=AMfl-YQzUo9rAkBbMRGvrIKRDMBGA_i9dhSVz0ul5mEyQd441w8QTTF7sU0qSs3ayAWn-CFPknQztWsyxA8MbWrUhKawNeMYWveU2LuM5y2ozZO9M__lYOACGRCCCL5qn6B-Dz3VU5B50SinvYDb8ViBF7jlE-_x2ssBqgK4dNtHI4_fsFqZexxW8OC8KAijlvOeA5bjOVngr_BGyQaTO5vc-O7mVwVz8WXlHyCZiV7uvxiW9iTolzY_x3whzeaT7AIAsE77zFY&sig=Cg0ArKJSzKIPRuuMvv9GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&cbvp=1&cstd=331&cisv=r20231101.87347&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 10:04:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame B131
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66908057&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
1b941ca306623dc2be58425fbdb0ce4bd642eae5401ddc7c5d23a9de47779271

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 7372
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3301365640955944149&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7372
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTIxMjc1NzgxMjA0NDAxMzUy&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTIxMjc1NzgxMjA0NDAxMzUy&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTIxMjc1NzgxMjA0NDAxMzUy&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 7372
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=
43 B
391 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7372
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=R7hkmEe1acxcu2eWQ799n0fsZ5lc7DTJF7nhqT-K
43 B
351 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=R7hkmEe1acxcu2eWQ799n0fsZ5lc7DTJF7nhqT-K
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=R7hkmEe1acxcu2eWQ799n0fsZ5lc7DTJF7nhqT-K
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 7372
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=cef7bce670
43 B
366 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=cef7bce670
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 05 Nov 2023 10:03:40 GMT
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
36
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=cef7bce670
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
lkQSHo-_oiBPwWRg58KCa1xPjRj99rm_mw8349_snidtSTrP6a8gaQ==
rar
as.ad4m.at/ad/ Frame 2926
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c0daf6dcb01a16d66643010c53de3e3ee1aae1f2930a13ef28e521d4b7ba48
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82144586a8439b6e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame 3D69
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lolb3lpm&c=954826590929&slotId=477413295464.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
usersync
rtb.gumgum.com/ Frame F363
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=4365169368219957760&gdpr=0&gdpr_consent=
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4365169368219957760&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4365169368219957760&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 0C51
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYzczYTYzYS04YWIxLTRkNjEtYmI0NS0xY2ViZDc5N2YzNDU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B4F
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108019
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Mon, 06 Nov 2023 16:04:34 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 91D9
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:15 GMT
server
Kestrel
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
532 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
k2dWP0TesY36vJ4JfAUBlfzyeJoUXzCAK69idxQX8AFHo42V55zpqg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Sun, 05 Nov 2023 10:04:14 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
0
484 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
SGjaCqfUBP9auF6dgMa_whBA831grw_uHrogbJYgElfrMfFu5KP_3g==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
date
Sun, 05 Nov 2023 10:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=ea291475-c83b-03fb-2ad4-fce48a8d7c8b
0
485 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=ea291475-c83b-03fb-2ad4-fce48a8d7c8b
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
_QwW1FH4e_VFexg87DEmCKOGOkVpAxGNUyJ0jMajAF07x3mt91dFyA==

Redirect headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=ea291475-c83b-03fb-2ad4-fce48a8d7c8b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUdonnUBhaXLGOaTV5j8PwAA%263211
0
485 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUdonnUBhaXLGOaTV5j8PwAA%263211
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
a4BxfjEOnxSKSHYPv8NEEIvrt0FszeowBlNtB7c0zDhtjijQIRQjTQ==

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvCB5k5ufuouQWrEbYzle82cA8a0q15v2wjixHQlBIlEvGPenyabjje73%2FUZqeafKZHQGTflJTyGhcseJ0g9sTYq3rgQ7DTx8wjm5wU75V689XR3X9dozyTzinsHJzFX2AtPyTLQeQwtHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUdonnUBhaXLGOaTV5j8PwAA%263211
cache-control
no-cache
cf-ray
8214458738091cab-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1159291947775073476968
0
486 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1159291947775073476968
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6MupoJkEBsMRS0HD9HqGGLweqxliFjOfRUNj9u1xMOy5Ca3-LqxnJg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1159291947775073476968
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 31AF
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 05 Nov 2023 10:04:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 31AF
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=38457c9cfb3787ed3baab49d3aeac213
0
486 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=38457c9cfb3787ed3baab49d3aeac213
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20d7:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
via
1.1 c49bda74c25f4f26cc20173eec28da1e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
hc1JWPYm95HbgSZQdq2zGxY4xpQQhML8mPMLeWfcRORPZST3aKdnlA==

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=38457c9cfb3787ed3baab49d3aeac213
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 31AF
0
341 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=348&uid=bLqnz8tzkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7A33
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
179395
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame CA40
7 B
776 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOLB3IFW-1C-2D87
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 6742
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797787773815615088/index.html?e=69&leftOffset=0&topOffset=0&c=hqo7bnTee7&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797787773815615088/index.html?e=69&leftOffset=0&topOffset=0&c=hqo7bnTee7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 08:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 Nov 2023 08:25:03 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 6742
110 KB
33 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797787773815615088/index.html?e=69&leftOffset=0&topOffset=0&c=hqo7bnTee7&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
308475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
32828
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H4Kyzz246FhHAdKoeo6Zywy4%2BroFEOSY9F8bY7t0905lIFML4Ix%2BPzYD01rF7k4komhjogWh4pjDP2Gj3NVkJSmBkvR8JlL2poeqsN%2FdSlMS0NgI%2Bm0w4N9Ke33ATLyreyrx8jFe9cXQo2fmUOacyjp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8214458b8cf04d2e-FRA
expires
Fri, 25 Oct 2024 10:04:16 GMT
usersync
usersync.gumgum.com/ Frame 4578
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUdooMCo5r8AAAiukZQAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZUdooMCo5r8AAAiukZQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Nov 2023 10:04:16 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZUdooMCo5r8AAAiukZQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
281
X-SO-Cluster-ID
0
X-SO-HostName
m-ad185.dc4p.scaleout.jp
X-SO-IP
195.206.105.131
X-SO-Key
ZUdooMCo5r8AAAiukZQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.131","key":"ZUdooMCo5r8AAAiukZQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad185"}
X-SO-LB-Hostname
a-tgng40001.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad185
usersync
usersync.gumgum.com/ Frame 7A8D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=KXWhMQCskTN1IeTZXbCj&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=KXWhMQCskTN1IeTZXbCj&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT Sun, 05 Nov 2023 10:04:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=KXWhMQCskTN1IeTZXbCj&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame BC48
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 10:04:16 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 05 Nov 2023 10:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9CF9
0
356 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8214458a993d367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
cloudflare
vary
Accept-Encoding
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=visible-1&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654463&cid=1151811&pid=169092&p=xkQ8WN_-Gl3OVxUdcsrFrRBKA7AH_-_Bjxcw0r_tdk22hIcQ9QAcLfp7o7h38QQZjBJO3bDklFzKD7FHKjWI-6AttbW-KhPHE2NSrpH6AFY_WA7hnxyeI4M0EO_YmmSx6GJ6eS315EsOwAkhUYGcyAzwQQATRMgZyYbR7pQ84aF8o14nyq-IQvsp32HTVAT8jzEybjR7YA9XG77XfOiIcBzWYQZU6I8oztzsMmyoLnkbWxm7GdzPWy4WIVD0V0_hMWomNsfwtGezJt1BmzMwPLHIl9qk2GpRHSEppHhM7q9BHmFyDnKwPmL2X4UWO6s5RqGEhOc5QW9QOCwFQAZ0hf7zdnOyLwunEnWaYDXGCQWTeQ&cs=501562871902103218505&slot=native&fv=1283&ts=1699178655859&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2926
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254201
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvRVgr7TOcyjKwEDzK1lP%2BFOfxR8vh3VULyuNF%2B6kNP%2BToZ63XTsVPlrRhS93AYsn2ux5wQm8KIEt1TS3PLAefADuAKjtmImR1Nk3iZYGqYgnZXX5jKabqv%2BgpSLcEcUmwVZl6fJxuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
821445874fda3720-FRA
expires
Mon, 06 Nov 2023 10:04:15 GMT
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame 2926
11 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
307910
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:36:32 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXiMf0xAj%2BXvi1%2FIBi7poek66xE45a%2BQ%2FjWQLyikEGzANSH3i4fCdOhVsYLGh8a6xzfyruMbSg4TkHzwNIE57%2BF%2Fcm5Ni6WxWLrIRi3p8EJWN%2FSg5pLBaUgaAMr0vUW%2BfF%2Fk%2B148AMKmmLWJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458768de9b6e-FRA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 2926
14 KB
14 KB
Image
General
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1005463
cf-polished
origFmt=png, origSize=17719
alt-svc
h3=":443"; ma=86400
content-length
14118
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:16:19 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2ByZkkigCo6ZW29fomTnDMFDE09xICxNwuG%2BaO8CwCKWZWoBDV6wN4oGGNPhiQMSbiQPdNCl2EQoPXpqhthpT9IgDF%2FfFLM4M0fs%2Bh5Ip4cMljo1FpMQ4j8RG4aLYoZTdgYf5i8dT%2FpItPd1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458768df9b6e-FRA
ztpv.php
www.conrad.ch/ Frame 2926
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
0
493 B
Image
General
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
8214458ccdd75d9e-FRA
content-length
0
expires
-1

Redirect headers

Date
Sun, 05 Nov 2023 10:04:16 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame 2926
30 KB
30 KB
Image
General
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
300976
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:39:06 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjm4SWm7MD9K14z43Ls3vWzNyZrJHLFmzJB46yljARfzMv7Forw%2B6J9j113O0GJRiUL6s0YEOd1H10JbZ9WjxOw8ZnruAUarhlS6GecHY%2FOYHqj831sFoGdUzDMtVW%2F7chffQ6F4ck4g4yPJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458799109b6e-FRA
FA7CABCA2D4D07822605A291722D3FFF5108F1CA7C84CCB709D17A5E59895CBEBEEC9A4AB2584248347AF01725515E810B6ACC3B799E1F508BC7DC86AC2E46BE
assets.ad4m.at/ Frame 2926
33 KB
34 KB
Image
General
Full URL
https://assets.ad4m.at/FA7CABCA2D4D07822605A291722D3FFF5108F1CA7C84CCB709D17A5E59895CBEBEEC9A4AB2584248347AF01725515E810B6ACC3B799E1F508BC7DC86AC2E46BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0ddd1c7207dd09e38de1312cfc2aedb825999d5acc2389f1828ea4c9ec7b79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305709
cf-polished
qual=85, origFmt=jpeg, origSize=85478
alt-svc
h3=":443"; ma=86400
content-length
33996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 13:41:34 GMT
server
cloudflare
etag
"d46b39735257ca175bb425d9547b0e48"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc9VlcHT0jjiWXd7v7l3GWTQ5iUCkfQF1AjxlmWYhMgb8PfwKCWo7WAqrGnrSk7BfnQse0Prtx5EnhOOUZ2J8N8kZ9TuXiudBxXEjDmV0sU7zE41i4SuLCfB%2F%2F4%2FuMWieA30jvboYT7Hj58o"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458799139b6e-FRA
449f5b35d42da36136c4a7bb695acef1
mediaintelligence.de/trck/ehtml/ Frame 2926
361 B
893 B
Script
General
Full URL
https://mediaintelligence.de/trck/ehtml/449f5b35d42da36136c4a7bb695acef1?tp=onetag
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.61.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3184552.ip-51-195-61.eu
Software
nginx /
Resource Hash
a26b73a16ca2890697755f54e3d584a0fc7d2b9983d7afea913c61e1ed73f338

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
attribution-reporting-register-source
{"source_event_id":"2500500030418380","destination":"https://mediaintelligence.de/","expiry":5184000,"filter_data":{}}
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
x-min-lb
n1, n2
content-length
361
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 2926
3 KB
3 KB
Image
General
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
307911
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:47:11 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuUjOY171Ck8iEWFQpsyDpPFAIdQQoJDmRpc7zH2gVfcjPmzldGU7Pxbep7dPh0ZAlX3zO5VlRoCEfiSc0NAz5oVzDdoLNDopmLtpIHIlXXQU8eDwGQjn68SW%2BYxbC2sqTIO424j7QmWi05t"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458799159b6e-FRA
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 2926
95 KB
96 KB
Image
General
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
376118
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:13:58 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNoz8LeEO%2FFE9M56phn2DNutuyuqRI2CyeLautstKhX0BZWZnwB4Xy0Yb%2FDq7qi49K0urTUWFFmzvDhb64HoaxcDLwX111g3%2B7GxrHJdSSij7%2BPg4pqCcsTwb2JfqrOL%2F9pHs7mKeFPN1DUx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8214458799169b6e-FRA
cshow.php
www.awin1.com/ Frame 2926
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=de8748045bfdb5e9561057222abefaea%2F9963966601684904045&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1699178655617&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCSLX5m2hHZafiMY-C1PIPpbSnuAnE_sLSaKeDiqTUC_YuEAEgur7wFmD1lc6B4ATIAQmpAircdGgTAbI-qAMByAObBKoE_wFP0FrlQ5oqGrYCPHFIVL422dONY-_w45HEpaiiHNwqoVPKvQnfo7lq5mTbWfnDOxvyyq4Ud_eJWcZsv-Vqp5-_hf2mgueGEvFW9eilRd29WYCXPXxoAQfIjkpBoXerN6SGQkIDSlEJShJQ4UOREKJK4O-MHWjk-Bm15FK454RUyK8gXOlmNc-n9kJ7meOkva-8tVY1o8S5IgAUpjqd0RpQQm-dO-PVimO75zvDmG1v-3lw3-cQXTyLWEHhi0t_7Qb44lnGCzZ3gbVqQ-i5Qb4VLlcPBBK-K7GODPzYOT-DGoUzNiyDptIHkZ4kYM5KU5D5UbGVuvjCwakJ6FwWkIbABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaNijZYr6ZzmDL2XiyRNP4pw4QO40Nm8oXsPsyGq1Rn3Ce8OtPw776sLNSJsHfNGAE%2526sig%253DAOD64_0SzUQA7KUIj-jgdx8mOtqR_4FP8g%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CmNjo9Rb5JMrO1KG4OxXMB034fM2aQQQLjY4L2Zl_I4_O3DvUqb63tVXg7udOrwGvQQKPJWI_e4FTfE40kmsaLk4ft-nDmZkDSATK--KUhKzcZAOk-6U2_JHnUFuu1KMG93Y3OmxuDdmdUstTP6xhLMnWztWmjgTEKW5k2aqkvQC-d9KI%2526cry%253D1%2526dbm_d%253DAKAmf-CKfz_KQz9UwRjhA_LxLGjX7LiwUzTH_vw7PI_1aUknhc5ait6WAHsMRr98OVLqKEF4mUxk3emWwsqULc9_WjwsMfVZozKQS1S0rX-crp4ZOP_oxip8W1z5bO4PSppoqYaiMTZUjZUm0Jnbv8rB6npkUS1_ahOZLb7HNlPIhISdIaRFYFCFUOK38sKyakWKXe_SEQcG2Va3sz9wdPW3AbDuzSfJttta9blTf3yIWidVjk8sTDX_c1vwbFxRhxjzVYKKUQUa6za75FAGAMSDLVAQxng5G2wBY7uthlND-wAuc7Ls_HuVE5NeHth6L8nF2v_o1Y_m2hXZKwDwwyrwppWCAF-ZxVsDqsmOkpfyac3u4bWtZ7JgeZyEbRAg77i0JI7rVkGZZX4OH4rqOCwe6mS_YEtn022Nq9EkJza8IkLfyqWHje7q8lJjIHstWjHi5yeH-QV3GJ_JvPoYk-sKT7dDcUBcRHxlp9XWYrIOTtUZMytZWP_Rx-q3lN2LoUSyMKS6k6oJlYgf_nHxuxTzBIMkc2Z0GMCwk3UosyzTwECA1nt1ZWCQeKOiB0skiNAJpqnNOgB9JM78hE0JQ8wE6-o3bru0vLpFKbHyxi8eSpj5TqyYkHs%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-68-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sync
ads.servenobid.com/ Frame CA40
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOLB3IFW-1C-2D87
  • https://ads.servenobid.com/sync?pid=323&uid=LOLB3IFW-1C-2D87
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOLB3IFW-1C-2D87
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
/
onetag-sys.com/usync/ Frame AF91
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 3D69
42 B
174 B
Fetch
General
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel
ap.lijit.com/ Frame 02B2
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 05 Nov 2023 10:04:16 GMT
X-Sovrn-Pod
ad_ap5ams1
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 6729
754 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
492672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:13:04 GMT
expires
Tue, 29 Oct 2024 17:13:04 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C33
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 09:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:12:44 GMT
pixel
ap.lijit.com/ Frame 33C8
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 05 Nov 2023 10:04:16 GMT
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

content-type
text/plain;charset=UTF-8
date
Sun, 05 Nov 2023 10:04:01 GMT
location
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
img
sync.mathtag.com/sync/ Frame 0F78
43 B
443 B
Document
General
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x24 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:16 GMT
Expires
Sun, 05 Nov 2023 10:04:15 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x24 config_version:"1369"
Pug
simage2.pubmatic.com/AdServer/ Frame 5B60
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:15 GMT
expires
Sun, 05 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
847501
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4887
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
J3DS4P9XHR4CCGWC4EZJ
Pug
image2.pubmatic.com/AdServer/ Frame 9083
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
42 B
573 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
cs
cs-server-s2s.yellowblue.io/ Frame 8606
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=560559417966471935&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
0
321 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.198.150.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-150-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 05 Nov 2023 10:04:16 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:15 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 3E8D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7297916757596240012&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 05 Nov 2023 10:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5FC7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a3b5a9c6-d4b8-44a8-bbfa-cbec1a1b4341&bsw_param=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=330265bf-f52f-44ea-a3cf-f9ea286f4b9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
ImgSync
image8.pubmatic.com/AdServer/ Frame 8E33
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C7C2
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame C53D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWUhFN0tqdEVBQUJpLThVOE9TQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADYHE7KjtEAABi-8U8OSA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=921275781204401352&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADYHE7KjtEAABi-8U8OSA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D921275781204401352%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=921275781204401352&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADYHE7K...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYHE7KjtEAABi-8U8OSA&gdpr=0&gdpr_consent=
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYHE7KjtEAABi-8U8OSA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 05 Nov 2023 10:04:16 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYHE7KjtEAABi-8U8OSA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8A7D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUdooAABdUVErQAU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230107-FRA
x-timer
S1699178657.764565,VS0,VE96

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUdooAABdUVErQAU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230107-FRA
x-timer
S1699178657.614557,VS0,VE96
Pug
image2.pubmatic.com/AdServer/ Frame F750
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU82cbf16a609a4c99aac7f0bc5e1bf659
42 B
277 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU82cbf16a609a4c99aac7f0bc5e1bf659
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU82cbf16a609a4c99aac7f0bc5e1bf659
pragma
no-cache
server
Tengine
ImgSync
image8.pubmatic.com/AdServer/ Frame 8F62
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 05 Nov 2023 10:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
bridge
cm.adgrx.com/ Frame D56E
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:16 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
cm
ipac.ctnsnet.com/int/ Frame 603C
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 5EFE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1829029783605596279
42 B
274 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1829029783605596279
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1829029783605596279
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cs
cs-server-s2s.yellowblue.io/ Frame C5BB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830802584029
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
0
321 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.198.150.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-150-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 05 Nov 2023 10:04:16 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:15 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame C0AF
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:16 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-942bbd6a919d@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 17C9
0
0

sync
ads.servenobid.com/ Frame 645E
0
357 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 05 Nov 2023 10:04:16 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pa6VQtCnTvqD4vT1M5O0eA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=108018
accept-ranges
bytes
content-length
5606
expires
Mon, 06 Nov 2023 16:04:34 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B131
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=&ct=y
49 B
543 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.228
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.19.44
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame B131
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3251483107
0
45 B
Image
General
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3251483107
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
via
1.1 google
last-modified
Sun, 05 Nov 2023 10:04:16 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
via
1.1 google
last-modified
Sun, 05 Nov 2023 10:04:16 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3251483107
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
a.audrte.com/ Frame B131
0
0

Pug
image2.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0RBRTk1NDItRDBBNy00RUZBLTgzRTItRjRGNTMzOTNCNDc4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECDAPQLEbCaUhVyYsvz-bYE&google_cver=1
42 B
269 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECDAPQLEbCaUhVyYsvz-bYE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECDAPQLEbCaUhVyYsvz-bYE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B131
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 04 Nov 2023 10:04:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4365169368219957760
42 B
472 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4365169368219957760
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4365169368219957760
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame B131
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-82uId8NE2uUAiA0pUMoYd7rnQFQYegA-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-82uId8NE2uUAiA0pUMoYd7rnQFQYegA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-82uId8NE2uUAiA0pUMoYd7rnQFQYegA-~A&gdpr=0
date
Sun, 05 Nov 2023 10:04:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3DAE9542-D0A7-4EFA-83E2-F4F53393B478
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B131
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3DAE9542-D0A7-4EFA-83E2-F4F53393B478?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348&gdpr=0&gdpr_consent=
42 B
263 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4110564080573384483&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4110564080573384483&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4110564080573384483&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame B131
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=46a80c7622201718&is_secure=true&networkId=17100&version=1&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIylCUMD5tWQMMaTuOAAAAAAA&expiration=1699265056&nuid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
41 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-server-s2s.yellowblue.io/ Frame B131
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3528f569-b71b-446d-a58f-7275e2f3f0cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
0
321 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.198.150.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-150-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
date
Sun, 05 Nov 2023 10:04:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
480_650.mp4
cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/
8 KB
0
Media
General
Full URL
https://cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 05 Nov 2023 10:04:16 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
generic
match.adsrvr.org/track/cmf/ Frame 3E46
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7248575707
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7248575707
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:16 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 05 Nov 2023 10:04:16 GMT
etag
RX84e9c038cef94c6f87ce1ad858e38c07003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7248575707
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 7A33
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Nov 2024 19:53:23 GMT
0152d61b-5cba-5235-b79b-c321d2dcabbd
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 7EAE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/0152d61b-5cba-5235-b79b-c321d2dcabbd
0
392 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/0152d61b-5cba-5235-b79b-c321d2dcabbd
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8214458baa70367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/0152d61b-5cba-5235-b79b-c321d2dcabbd
generate_204
tpc.googlesyndication.com/ Frame 46A0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?iq55vw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F31
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueqpMSYic8v1YPOUKDLIncdQyHi5amsc7e-Is0NO1kgCnWRfdhejvCbI8lhvKsWat21S-oDpSGHRYPycVA0fwLSU8OhP73i2mzRB1Aio_GAREB4CKwsZYnHNmdVfWTcFoj9OYoP3iXEg&sig=Cg0ArKJSzE1wtXAM31mEEAE&id=lidar2&mcvt=1019&p=60,450,310,750&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699178653081&rpt=1943&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6742
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30aa3d14e649b75624f72b93524908dd988078a4944590ac22524d208aa8f11a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5767
x-xss-protection
0
3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame FE06
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
0
697 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8214458d8ca5367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 05 Nov 2023 10:04:16 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3f7a3ab3b62d3aaff63243f5e2ab1a6c5af685a65e2ea728bab7620f54081a09
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
4365169368219957760
csync.smilewanted.com/set_partner_userid_get/adform/ Frame DEA6
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4365169368219957760
0
428 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4365169368219957760
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8214458c3b1c367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 05 Nov 2023 10:04:16 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4365169368219957760
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame B833
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYYTJnmhHZeOdB4aQ1PIP7YKxkAcAAAAAOAHgBAI&bg=!8POl87zNAAb4oU7C2KE7ADQBe5WfOFoFnCl2cMdMt6tk8U_nlGjznmmtkEffryeLxiQocUYT1RI9kFwu044vvjk4lbvlAgAAAflSAAAACmgBBwoAMavpcsGyW8ZrAmWW_vnmIYzgB9EA0EGywH6ry69adEEzcBYSwf14C2pApW7aE_kEA2-ZAtDQEuFnzBou3JMp4fXEHJX3VBHe28tN4brtQ591BbeARvoCx64Yh-VuRBibeak3iF6y1gDZ_O2wgH-H5PmAKlve3ASFDU-VW2duncmav_P2X03Q9p1YX2I8_DIj2Vh0F9ub55lZZEATu0EGFjGUKoATgbu9goXZNT8juxxslR6endNuQM2tmO4hRR4a4tXz5RBjEoufINStGNtcmyS8ARc6hcNf5GRyhpBUT3rn2OKhjjUGnFFZg4cuzdqES04zLMtlA0JZrucwl7sjQEZeLtlkZJdI_tvMmFRPzG160bx1yLqVGNhGIGX20v7TcYbmfiXknswhWIcRW7Y8MZomtm6D5JXxYPZV-JAKJjXgulnqX5blPLP6PUaVOZE3VAFqvJypsxP7j8GJoKYHoibYrFq2ulqSqX_Wf5sZGdnVvVjrmZIg1nLkeW3rqSBfhi94OCrW7o5ewZ6Wh3KNiv_felOB9iYUQigQLobxhT98gqIfB24-Nbf7KgYHml5Eok1Rtxu9V1ImnAAKFQC9Pb7HIgSrn6Q4XFQtBD2bg_P5gjAIc7k9lWTaj4Wy3PwGqxwhai9_qbpczHCQ5DceOOr36FHD0WLXp-WU08mJXk3WAagoHTP2e_ve1G0dYvjDRVtucPwUuYht1lm724ubmi4ltJV0EGSRAyDR3BOxM5pK14992lZIXTZrX8tY5vASqi5pR4Oi2EkdY9ONFdQF6qhMAm27OCjpk-7rDkbpFvmsOHTS6RMcXsWRjx6vCHCg2nRePGmvhJ9_c7-E_44rkjs3lGnm2UQ9Idv2Zk3zWGXq93rozhlsIEMbEvA9gVbUCIrAaJJtQ6CO0T1stKvQtetO70g4lgnebGEchLqSRLzd46tWsfvYKEub943pJY-aFxraAnqmgqZfaK2GS2oXVfli0vHTLaBJeuKNKaUP2h2aT8OA-aoMDNDoaz_kM3v7LX0pj4w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/ Frame 9672
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=4WvksV8lMkY1WXE0eWtaNDVMd3A1cXJyT2lNJTJCVnc3cGNkYTU3dVR0UElySTd0VTNLVmdCdEgwa290aGVCSVcxZUglMkZFejB3TWklMkZhY1BDdSUyRndNRUhSVlIlMkJVTkx2aE54WW9Ha...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k--m4Wu8phM_zx72OuPtlBx4yMk-NSDiVuYKZTLg&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=330265bf-f52f-44ea-a3cf-f9ea286f4b9c
0
0
Document
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=&u=330265bf-f52f-44ea-a3cf-f9ea286f4b9c
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:16 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 05 Nov 2023 10:04:16 GMT
location
//ssp-sync.criteo.com/user-sync/match?p=&u=330265bf-f52f-44ea-a3cf-f9ea286f4b9c
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0952
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7240896015948&version=m202309260101&ct=77&x=8&cor=12384725412355742000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
cookiesync.api.bliink.io/ Frame 7A1D
24 B
175 B
Document
General
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Sun, 05 Nov 2023 10:04:16 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
39
78799c6a3124dbcab4ae5cebb5a35181
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 349C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/78799c6a3124dbcab4ae5cebb5a35181?gdpr_consent=&gdpr=0
0
378 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/78799c6a3124dbcab4ae5cebb5a35181?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8214458baa74367e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Nov 2023 10:04:16 GMT
Expires
Sun, 05 Nov 2023 10:04:16 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/78799c6a3124dbcab4ae5cebb5a35181?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1699178656485031-389
ImgSync
image8.pubmatic.com/AdServer/ Frame 3B33
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=560559417966471935
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 05 Nov 2023 10:04:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.yellowblue.io/ Frame 3B33
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=78799c6a3124dbcab4ae5cebb5a35181&gdpr_consent=&gdpr=0
0
330 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=78799c6a3124dbcab4ae5cebb5a35181&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.81.116.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-116-253.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=78799c6a3124dbcab4ae5cebb5a35181&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699178656338084-505
Expires
Sun, 05 Nov 2023 10:04:16 GMT
v1
match.sharethrough.com/universal/ Frame 3B33
0
34 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
sync
ads.servenobid.com/ Frame 3B33
0
340 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=352&uid=sTvc-5a-kj_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:16 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame BC48
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Nov 2023 18:43:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31163
Connection
keep-alive
Content-Length
13280
Expires
Sun, 05 Nov 2023 18:43:39 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
797 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1699178656564&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=146687625&pt=1291459122&tz=60&viewable=true&ddast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
content-encoding
gzip
server
nginx
machineid
1404
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DE2F
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:16 GMT
an-x-request-uuid
2404562e-787a-4d04-a421-44a8026cf7c0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/
0
101 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
449f5b35d42da36136c4a7bb695acef1.htm
mediaintelligence.de/trck/ehtmlcontent/ Frame 73C0
6 KB
6 KB
Document
General
Full URL
https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1699178656
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/449f5b35d42da36136c4a7bb695acef1?tp=onetag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.61.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3184552.ip-51-195-61.eu
Software
nginx /
Resource Hash
6a7c28d22dd1d4b40b041d3fbeefa91a32b8dec11881cdfa975aeecddcfdbfa2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
content-length
5808
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 10:04:16 GMT
server
nginx
vary
Origin
x-min-lb
n1 n2
khaos.json
token.rubiconproject.com/ Frame BC48
7 B
776 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOLB3IFW-1C-2D87
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
usersync
usersync.gumgum.com/ Frame BC48
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOLB3IFW-1C-2D87
  • https://usersync.gumgum.com/usersync?b=mag&i=LOLB3IFW-1C-2D87
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOLB3IFW-1C-2D87
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOLB3IFW-1C-2D87
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
a.gsitrix.com/view/ Frame 73C0
58 KB
59 KB
Script
General
Full URL
https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1699178656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
9a10ba9428262a096567aebb993ca8a7999e67ccccf7ead99f5c700cbf93103c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
access-control-allow-methods
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sat, 13 Jun 1992 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 73C0
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=23723680&cmp=25&sid=50003&plc=418380&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1699178656
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 16:20:00 GMT
Server
UploadServer
ETag
"a79c3d2317a69a2d393fe775760ee349"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Sun, 05 Nov 2023 10:19:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0952
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXkTIEcTsLq-pXTiWxVjqjTZGT3V68PSK3nWG7-lPNO6tE8PILS26n2tzjICulcyFwOKAIhPvFDBoqfgEh12t1NZzP3NjgBoFuirUQSSrzTo3CfzZRnvMAd6ze&sig=Cg0ArKJSzLNOrxj2WlYvEAE&id=lidar2&mcvt=1200&p=0,0,94,728&mtos=0,1200,1200,1200,1200&tos=0,1200,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=32&adk=872549643&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699178653391&rpt=1867&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=visible-2&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654463&cid=1151811&pid=169092&p=zoq3aPv_GaUQobk4g8tdn_r9a95TQCUZ90LctXYvCjf6JkaZrme2jtsMRQA_IepiW3j2DbIDfA2PCv9N_n7jSNrQgsSmBwXkB7UaLuVYcD4xYJqeqvwXaiHWglirCDukmzWwRz4ZNf7ZbS91qjCfHZiTBlGa9_rip7OWFjp8jtEnvnCHZsM9lSwQK-zYybF2JKZYmrlJNhNBZqXBF_8C_eI0nA5IdvPeCFfCccjGYiD_L0X9zxAEvbBfV0KsVt5Zb30PD7qM-JOIILfruKoRuBF3olz_MWfZt24-QAmhUmHfcYBrCTpTtVel-1mNYfG5DiKtKGGhlW3ezC9GleZIj04sIdnMff26y-7mHUg4pxmtGw&cs=170889043947811495605&slot=native&fv=1283&ts=1699178657010&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6742
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:04:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVIBnnjeIoNeEp4RJDr9y2gC2DJbCkB_YjXVgdAwambjjX0wPkXPWutY_T8_6Foeb7JVMEf-hkeS7Xvt-LaA7yQ3elwNGq6IabVim1AgHc9-CtiSQm2bo_p1yRuJg8DaHgvO8DzxSTSSTjFvAyYw_rcLVfRSgx5KF614VWj-r0EeE2aKTifrk-d2TdLYxXOhCbr1Cv34n731fi5W0sPrCY1C_w5hbI6gycWVeiRm4bPS7ZUxcKx__TjLSmrCd0aZZpilKsG2SCpE1AIEMoqBCynFzXkvjtxkp3E4b_9sDnqJWb-ZqdG1LkQDT0K4Rz7qv4JqR-Lt3pIohYKX3P5VEAFzpSpIVdxZlVZaiNbEfXq9tuhde67rKRof5Avba_hPQJZcjkBeBHnYm97102dhqwVQO0EjhoGJoDKYVZ_RML_DWnaN9y86S9oUcJE55FEGKxn-xPM58txWD06U9qCYqD2qJtctjLu3wuc9GydJzr_8WLDLqOGD6MTVjAEQLWb_8TpfZqrCH27gsQIRYlWVssEEG5xil--m3qqKLjn_sYyJ1JSxS2_evkQyGecteQh5jZkNnj4Zcut7SiaC5RAMnzP9lt7NKRP0NPOuG66WEY8DUKbmvbDM2OoUaRp9MnrTQ1vuuZMWcMj7ZcbSpqBREyT2MUnFdYT9JDBFfPEgYFSE3-e-2vqWVBC6SlRcjrQjtF-x7MRCTwtITrupQkzjnZOWxBE3JC9Df9cknZyQaQoGmt0JqvHA5SouhGWl3V1rz0QJPHY-x22149i56OJXvJ1fgifAJcYGcBfGSCGKtOEYDRJ0dT8ubnGudQHmwRE4AU1RotHIBW75C4wopeAZ24vJCZtIPWZpAJ2b64kN8uP8jVqsq_fWD9N-oUPFttsRxR9Z5B7ZbAbtJF4FLjNHos2bNkaSYnoez4K_nLsPDsmNHAorwDk99E85ScCyorZzAR_yPcVqjjunT6Tt6smm8pvpagX6_CEgQrkFqbhi02Xx6Kai_a_vyE9WCE3yXQLyQuOvaIIyickg7bS6EqAahOy1ExbNDd_7g2u322jliC-FVONbfZQA5hPGeeRmtYWdn6NxLQYbh23LxZ-vGTaMPJucgfB0fgrvnf2p87QFPKFbhrBRG5XO1ay-dZWLhfFkyXVE0JUsaUjroOdSFLz88omqbYcAJ3AAy2HzDDSJxy61ROUq1GJxasdnfvj_P6xQwsEuDUeDLkedT1hdw82Qg3FCS6nI7caC0nu-MDqTdUPWWA9labGibJfR8ZkAuqXO6G0pBjPg&sai=AMfl-YQzUo9rAkBbMRGvrIKRDMBGA_i9dhSVz0ul5mEyQd441w8QTTF7sU0qSs3ayAWn-CFPknQztWsyxA8MbWrUhKawNeMYWveU2LuM5y2ozZO9M__lYOACGRCCCL5qn6B-Dz3VU5B50SinvYDb8ViBF7jlE-_x2ssBqgK4dNtHI4_fsFqZexxW8OC8KAijlvOeA5bjOVngr_BGyQaTO5vc-O7mVwVz8WXlHyCZiV7uvxiW9iTolzY_x3whzeaT7AIAsE77zFY&sig=Cg0ArKJSzKIPRuuMvv9GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1746&vt=11&dtpt=1403&dett=3&cstd=331&cisv=r20231101.87347&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 236B
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee0dbcc39c93f71fc437d979df07e138fd340cbe06a3bdc81b2426b31bbbbdea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12251
x-xss-protection
0
index.html
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/ Frame 6D4A
19 KB
5 KB
Document
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1699178656
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f8383a5be6d1a813f66622bf5428d3d3abe09cedb1141e6c69c48c9fadc8f381

Request headers

Referer
https://mediaintelligence.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Range
access-control-allow-origin
*
access-control-expose-headers
Content-Length
access-control-max-age
3600
content-encoding
br
content-length
5245
content-type
text/html
date
Sun, 05 Nov 2023 10:02:45 GMT
etag
"653a0907-4d29"
last-modified
Thu, 26 Oct 2023 06:36:55 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
x-cdn-pop-ip
137.74.120.0/27
x-request-id
1034683311
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 236B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 10:04:17 GMT
bg.jpg
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
2 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/bg.jpg
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2849822cf4e301f243ffaa9d75ef79c1d11ff1dd58c3929c7f6c9a8b9d6c88b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1571
x-request-id
375722730
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-623"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
title1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
2 KB
3 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
063c5ad5f7a9841baa04c6d1be02e2dc899de5d9cfc244160870bdced679e637

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2351
x-request-id
375722731
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-92f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
title2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
3 KB
3 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
78165422bbfab7eb8f4fc7f811e5ab9a6f7fed8ce67a867c495db3ac4ee92fce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
3156
x-request-id
375722732
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-c54"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
title3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
1 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf78f595b41917c38d6753af680fe5e46850a184686a4e635e31a1921915aa7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1267
x-request-id
375722733
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-4f3"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
terea.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
11 KB
11 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/terea.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a4e4719ed51405a4c87ab0ddb8d69620d9afaff97faa3a1040046fa2c272c988

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
11353
x-request-id
375722734
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-2c59"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
device1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
15 KB
15 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
251f042187fdf6088f397ad7858a36859dfd7ab8fc1350cd1ff8ce84e5ffea7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:39 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
15324
x-request-id
76843100
last-modified
Wed, 25 Oct 2023 12:15:37 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906e9-3bdc"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:39 GMT
text1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
2 KB
3 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bd28563e5697baaad4af9ad150f0fbc91df7c7337d9ce5b2c1a4f42c38852f38

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2418
x-request-id
375722736
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-972"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
device2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
19 KB
19 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
8cc039b3eb06f163b57045dca66e2d6143369dde0bb2d4615a4407a37e8e0b67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
19003
x-request-id
375722737
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-4a3b"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
text2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
3 KB
3 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
17ec579fcc54760dc311b0a6b284495059ee0067cabf38b8f623fbc563b80d33

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2811
x-request-id
375722738
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-afb"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
text3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
1 KB
1 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9970cd25be69eacc0338425d98f1ad6064c54fe4d51d5232108cb2d1e594abe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1126
x-request-id
375722739
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-466"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
text4.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
1 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text4.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d825171ee049738384d39c60a6f320f7c0a8705d6e182ef85ce5aa6c408fb4d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1305
x-request-id
375722740
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-519"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
text5.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
1 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text5.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
66168fa5f89845f41a2b9a483a19d5c8602bc732b19f8554f83c55494a0722fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1476
x-request-id
375722741
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-5c4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
legal.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
6 KB
7 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/legal.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ae8e897ab5cdad4df9514d0978ccdca9a75220a2099fcab931dfbcdcd2d7b893

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
6543
x-request-id
375722742
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-198f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
device3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
16 KB
17 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cee99bbb02727f60a13953bb2e143d789811fd300be17e2b2625a7def94d8fd2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
16612
x-request-id
375722743
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-40e4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
text6.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
4 KB
4 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text6.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bd572090883bcc5dac1ee41b72ad36a3bda60eabcf3a8f4912d3860636640326

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:41 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4010
x-request-id
76843154
last-modified
Wed, 25 Oct 2023 12:15:38 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906ea-faa"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:41 GMT
conditions.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
4 KB
5 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/conditions.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
44a53e09ad6266849dbf0bf81d670e933c4072f6bca2961bfb97e7ec2570a4f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4382
x-request-id
375722745
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-111e"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
dti.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
4 KB
4 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/dti.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
309a1ec040b90186e8bd76ea73eda64f7aff0eaf326d0c28546699993d0bd3dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4068
x-request-id
375722746
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-fe4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
cta.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
1 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/cta.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7ed524681c8f26b8f77c73f83b736ffd170c3417ead94f4fad38f78c746fa98f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1445
x-request-id
375722747
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-5a5"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
hw.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
4 KB
4 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/hw.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
06eca77911c52c8c51c81166043013d81d67efa2dba421d5d5a0db7f9b9da880

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:41 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
3935
x-request-id
76843158
last-modified
Wed, 25 Oct 2023 12:15:38 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906ea-f5f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:41 GMT
logo.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame 6D4A
2 KB
2 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/logo.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d53061b329e42c194f8f1920384802008342fa76b98b474070594fd1d152d837

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:51:56 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1903
x-request-id
375722749
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-76f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:51:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E2A6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311010101&jk=2282710649184137&bg=!KSqlKmXNAAb4oU7C2KE7ADQBe5WfOPhFxGfA16qD8DMG3ac5MqKinOtrYe0UmR3F1EZh3ESuIhTjzUYul_25iuqGzRxuAgAAAjlSAAABumgBB5kCww30OVwSfgkHSAVeIFrp2jNtZOQ5NOtR3-RZuGZFdrJvhwUvONXUVunB6TtAn9z2G4V1qIDMSF8dwvZjP1C-FAuu8sAxESJBQhDNxggSSYdXJ1_KoDtFOtvecjO0gekeA9Lm1qSoFp-Xk3CDKi3zo2aWaBsYaU37HxtRmcd4uNkiYKZkcNbwOBd0nzmmrRrVjKCYnJgHSHwY-KIoGjaDfySicLvFKxa2FqeIgbxFQ3h07g6Oc4Rpt8O3dL9qDiM8ts2Jce4Un8QuL94zkByZn8zhqp2Mrc4eoDGDpCT4lzM4MjCDlgYMFOn9036_G534haiveiDDNIEGUeF8DA3jjPhOSN81PQWxuOEmJ7RS6ZbeuY1j_-5rpyBFgwJpN9NccRhoBxnZuh78UC2NbXf8yntwZOoaaKD3OiMoNnqaxa2H9D7yooIlBQJDKqc4QibrTm9d6NPcs_XrGgVLF2zJJRXO97rP07XFPAyjMwTg5Fk0fG8iVJJncp3jDn31YPkKY5FUFKFv59JYc1kisX2Eih3F3bxXSrXdpCP3SKDIKdiyuHCDlYp25gvXVWk-4nRNTYlz9c4Sitsb2sNGqQPw2ynS31IJiyWD2D0pxn4tBa1OqrdQZsBHvFd7Q4unS4AdEzOw_hTmpagtrMZluRhzwHfxrGXogbskuM-IskQltLmGSFjg7_nvzY9-fooL_I3oPnTU62oDUIbchfFL3dngZdL5-8F7WvMJt08Ialt7flr94DuWyWctNAswRnxADtKpvpn5guTv4cVgLr59QJHuIQyTowTTnTxf5GFAU-PLqU2UI8jyrki90Z7ImMFN0dgIQiWAS3GQgAd_AWKwGnHoEg724aUoB02YmmwyhiKZcR_kg4E5ofxSNmJt7q3nfZ7EIq8fovSMcawDIjojjG7R77OPPWHrxHIJs_A2YUydQ85QODyV
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
pubads.g.doubleclick.net/gampad/live/ Frame 6729
156 B
184 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4084009861852465&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fa8QeykdKtiJLgEd55ugNwA%3A1699182250%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=4CC17E15-9B7F-49F6-89B2-711909176368&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44806261%2C44806733&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=1699178657379&cookie=ID%3Dfb45440c89c66303-2250b5edc5e40052%3AT%3D1699178649%3ART%3D1699178654%3AS%3DALNI_MbxL7XwcpDIJ4uLKVNqOgjvtiUFxQ&gpic=UID%3D00000cb523974ba1%3AT%3D1699178649%3ART%3D1699178649%3AS%3DALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA&scor=2494609425165453&ged=ve4_td9_tt3_pd9_la9000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 6D4A
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.26590484217182997
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000092b7bf2d6ff3edb0-0063765dc3-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
dv-measurements4866.js
cdn.doubleverify.com/ Frame 3E09
421 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4866.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 10:04:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 09:58:47 GMT
Server
UploadServer
ETag
"710a3afbd65b017c09a3291207341050"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101293
Expires
Mon, 04 Nov 2024 10:04:17 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 9C4B
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Nov 2024 19:53:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7636
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
138892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE2B
829 B
792 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d98932f2759abc6e7730033a1f3f8d55e9e2ecd61d5c260932a57443222de97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LV6QNa7x9lQzcGPI9y09sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LV6QNa7x9lQzcGPI9y09sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 10:04:17 GMT
expires
Sun, 05 Nov 2023 10:04:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A33
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bz2Hhn2hHZbrXAs_DjuwPycao6AgAAAAAOAHgBAI&bg=!8POl87zNAAb4oU7C2KE7ADQBe5WfOLUCmF2_bc3cmvvCevV317Pq9CRKtWwplkZTXqRuoDbi7_gphc6VFAuI_oq1j1oYAgAAA_JSAAAAC2gBB5kDIbQV8YndxbjGQRGLoaJ2DylwSefJoKkN8XGTUWMG8Z3nBDfrJt7lTDigkgEVPIsuJJMmsbDHo7gSXYUwtT_7VcD3fWbG1rMlzyX94IdEgAxR-N4r2hyEaAFMI8t6Qhv2IHWICsnrDeep7hEworTmjwtK--lERIJgB-DtvWgRSEijOVttCtEb6NLDinEIB9jkHzSRrKhU1dnF9Tn4egedqxlKRlNiLcnmjoufybvjxWvY607HsT7r86BSMxbnDNZK896sH-osmU4FaIkZQ4kivrPQ3x2zBmlp7oogutm9VpRNhGubH9Wc54wtyRfDb83rmqz8p2rJzPbo-nOqu_r7n_-upDcMvmj4YmivhQb8GumaA8ZLDPqtSx-bW1iZF8vEh3dNCy0mixCXCBkaqzRilQ5DY66_lRD431BOuKltlqtOpwzjxkoF4unOX58wmuSXIxwzGIr15voJhwlFU9oJg2wEgkimP38_IAw8UDVSEvgh0DXgltxzMm5sJj9173nvfug0fFueT9-xEdsNdgDZH-vnqQ0pzsR8YIvURMl-ASluZ9sI1X8khQrwuCgcJ8XW_Jot6DseNSWo8EHofeqcwbcmcG8NPPp8ih6BH5eE3ApVFhwWTP8PVkWzd-smiMkBqEr9_qu6-zbe9yznM6bVTEgu1IaRepcdOG0GahQNaocqZkHAGI_iA_AxrOPObTDmADGVHdriIyGz7uGP_UL5Syv5_NVxifxrhilHwCZHTyfO_jf5mXu50GxEb_UsnB4WcyhV28MziTQJMxRU3Jydw9Uz_oNPvZkzFpAu8gzGbFHLvkefG52Q1fF1VZmmeZJGUr30P92FRNdJbP6nx0kjL16A-hLMvTuz6VZxDX0E7V3ZCMH8CTAs-yXwWYvCWZtjkyj-9kL29EkhamtKZ5PkGpwmr2eQk2lx4tZlRJt-vJOiDkas9dWkvequwfC0ADtgagRIsT3BVQitVAYSJEGep-4mRxVpZteaO7Q7kJpw4RF2FKihPksT1Ikca33v_mcoiqyL26tEjoc4VP9GkoXUyHnMwnoL_OrkvC4EeX2jJszGzQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 3E09
694 B
730 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=187&ttfrms=377&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%60be4c2f33ehd2467%60%5D9E%3ETbuEATbs%40%3F6E28Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60ehh%60fgedeU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau2D%5D25c%3E%5D2ETar9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56&srcurlD=3&aUrlD=0&ssl=https:&dfs=345&ddur=204&uid=1699178657972282&jsCallback=dvCallback_1699178657972106&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4866&tgjsver=4866&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Fehtmlcontent%2F449f5b35d42da36136c4a7bb695acef1.htm%3Ftp%3Donetag%26contentonly%3Dtrue%26cachebuster%3D1699178656&fcifrms=31&brh=3&dvp_epl=391&noc=4&nav_pltfrm=Win32&ctx=23723680&cmp=25&sid=50003&plc=418380&adsrv=0&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2717308319.421309&ee_dp_sukv=2717308319.421309&dvp_tukv=431896670358.2269&ee_dp_tukv=431896670358.2269&dvp_tuid=1551550368731&jurtd=1208065849
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
1094a7e566c296c15bcfa02779a10b2f69ac9b7c75e2f883c77291f5d311f9e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:18 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/04/2023 10:04:18
csi
csi.gstatic.com/ Frame 6729
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lolb3mo4&c=954826590929&slotId=477413295464.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=visible-3&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654463&cid=1151811&pid=169092&p=l5fAt9qdTCMJhMcv5ic4um-9dSVg2PM1ssbUuYw27stD52--Ovcc1ZxW--zjwkKE5RCoF9R3llWYAa3x2-4G-ha3V064V0nxZFWhf51FXHkKCqe1cCcs48AuKEn7LlwyAC49dOscZbC0UswiN3ETXOWjv7R6RHudPGiUklczrrUjdob6SZIKzVufDPGQHa0dbV5kTNQaluBaAbwRbBu4jTiALd-qCFld3wMe41lurjX9_RmMMwcIUg-dPn7CQepqznsvKtWGKanr_Dc9osQn0VzBhBUA0-ZcFHMAMh5z2W3JEtxloqf0J68EwZkqLWWRG0FG5vUNyzCg7eo-BX5pIrtIwTmK7OSzRJqW_IfG3QO39A&cs=-362176897518444568105&slot=native&fv=1283&ts=1699178658191&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/
427 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
415 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
414 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
visible
trc.taboola.com/palmate-bg3co/log/3/
0
253 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=-48&tvi50=13497&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
61
date
Sun, 05 Nov 2023 10:04:18 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59053
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
server
nginx
x-timer
S1699178658.218803,VS0,VE61
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame B131
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4428727485053&version=m202309260101&ct=119&x=1&cor=5826132445747285000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6729
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lolb3nin&c=954826590929&slotId=477413295464.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802463%2C44806261%2C44806733
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE2B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1677794651560201&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 7636
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Nov 2024 19:53:23 GMT
480_650.mp4
cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/
3 MB
0
Media
General
Full URL
https://cdn.vidverto.io/secured2/a8QeykdKtiJLgEd55ugNwA:1699182250/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=229376-

Response headers

Date
Sun, 05 Nov 2023 10:04:18 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 229376-17211103/17211104
Connection
keep-alive
Content-Length
16981728
ax.php
a.gsitrix.com/js/ Frame 73C0
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Sun, 05 Nov 2023 10:04:18 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
generate_204
tpc.googlesyndication.com/ Frame 7636
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?0sGllA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B131
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17063090&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2c8764f4c3f4861c155dd3dec893e872541c17de02e49b166a7a6e642146afe1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 05 Nov 2023 10:04:17 GMT
content-length
1567
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 94EC
35 B
600 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 5687
43 B
492 B
Document
General
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8214459a7a872c77-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
image2.pubmatic.com/AdServer/ Frame 018B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=58ce9345e40871d8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=421c10bcb05aa53a9e3b61722457b34&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjnRYWVnWaSTbQS&gdpr=0&gdpr_consent=
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjnRYWVnWaSTbQS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 05 Nov 2023 10:04:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjnRYWVnWaSTbQS&gdpr=0&gdpr_consent=
pubmatic
ad.mrtnsvr.com/sync/ Frame 8B2F
0
0

pub
matching.truffle.bid/sync/ Frame 7968
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 05 Nov 2023 10:04:19 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame 06EC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A733B80763334980A73B8DC23A3A4730&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 05 Nov 2023 10:04:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 05 Nov 2023 10:04:17 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 7E2E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1699211420
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1699211420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 05 Nov 2023 10:04:19 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 05 Nov 2023 10:04:18 GMT
etag
RX84e9c038cef94c6f87ce1ad858e38c07003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1699211420
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame CCBD
0
357 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-176-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 05 Nov 2023 10:04:18 GMT
mw
mwzeom.zeotap.com/ Frame B131
95 B
439 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:19 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8214459b3ae6381c-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame B131
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:27 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:27 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B131
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3DAE9542-D0A7-4EFA-83E2-F4F53393B478&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:19 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B4F
47 B
223 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68027727&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 05 Nov 2023 10:04:17 GMT
content-length
47
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 236B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=1677794651560201&bg=!v7ylvPPNAAb4oU7C2KE7ADQBe5WfOERQmmZJbPl8Su6PM2neXEkFTz1KL3eOerE17K3A0kfFgSIaqCfppE5MUFNRxL5HAgAAAJ5SAAAAB2gBB5kCxIDPEtJx5_PbZnrIq1JjrPSHxoQbLWHQ1ZwFFQTahWJflk365CVwQSeydJRTqHDlWM_nQ8DveVfkmI9Wryo7gOScKfxLOXKC9bHRcs7JcnzcTLxVU1Cv6tq6jYHBp08XJ8HelTaSXkk4FYQPpzF5ghI6YAaByH7eGAq6KEtrPsibhj1ZL1hdrvjYyX7GdW1MP7K6j2XH_Qhwjdr-mT9RGPswuPKhoCU954JZ595yw-__j9OCJ_ytmaP-lCW8xBaeQCkNL4S5mqJ1DbpAOZnYZl1qstgSzW3PPrD2eC3MBPIWTsoqZsmm7L5UXA4Il6ODJWebESU3yPuvyB-5TR5ArJZ5JnSuyS2BAn8CFCrGOwokxvbLFAVdZiR1V0-izdnWGI30NgVcZHNq1sxkj-sK0LXPOjYClDn9PDX8XNPGR3dquAd0DRLNxuMY5WKi0lVxqDkOuMNTLhOQua9I9fOIl1X7x6BKBGuNJaD7incxfOe98pZhSso1l1K03e9x661l1-ZuzB8sxYNfbLpGcUv7yWef0o7pkobRvNwP-QnYdgOUc_aUKWld6Y8CoVwzmzi50gv878v09AitXobGo9Xnhnv_XuG7A7B7SZ-gKdjGbvyDsEl-zq08BbfB81uIEM5MhCrVJ1y0TMrD6dPjXuIwgxxANxy2k2qJRY79tnVEYR2FwhQtSY_lMFPr40nmG7QtFWrnyjr4GffcpU4FgQ3lHuzSekvrFK3yh6T9Fvr9ExyBDIhea4063-zBnGHx8euxmeLOazfSQblaiRK4bBLG8RL9T8bIQwKa6tNueqA3Rgfnof51xmLeVVSSE7GmMk8aYU7n6fB8nQ2pyg26bW1nl1XhxtD3W4urXt2tRYsB5feD40tNLGDzac9JbaYP-fq2WFj3t782ORhaEYUiIRQYlT8JXwvLsV2AvVesan8wMSmDviWF0w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=visible-4&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654464&cid=1151811&pid=169092&p=vdF55u4MkzBz30FLPrjN6_wYpstzEgytvk405mKbOaaKDVRWICub8Ryc4i0DPdvNwS07ve2V-Np9QmAKJdjMGeqnyjlLY-2C9BzRZl8Ezn0-oN7U2K83z-ZtYDOqn4OPcBSF2ZUP2XTlmNS8WNmNeeTu9BTzOLOwLykn_m25zGUj2G5nyXrAMrgQsdzoxfkTtfrSln2qGJtatAP0McJs0SVY-DiUX3tLU0OzGvDcfguBNnwuso4_pYFeSmPPULdp7SkIuXt2EaZLoSEkcj_r3WZFtlgapBtPou6t-RqzvosmiQ-tXOViRTGk54UWCmcee_vSXShVlyAIr2C2G8rYav7KCmK03P3lVNR0ziG3XIEByQ&cs=328867408359029210805&slot=native&fv=1283&ts=1699178659087&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 28A3
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:19 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame D563
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 05 Nov 2023 10:04:19 GMT
Expires
0
Pragma
no-cache
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1699178647983&gcd=11l1l1l1l1&cid=1267633721.1699178649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699178654&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html&dt=%E6%96%B0%E5%8C%96%E8%AD%A61%E6%97%A5%E7%A0%B42%E7%AB%8A%E6%A1%88%E3%80%80%E6%96%B0%E5%8C%96%E8%AD%A6%E5%8F%8B%E6%9C%83%E9%A0%92%E7%8D%8E%E8%A1%A8%E6%8F%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7&tfd=13504
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
797 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1699178659418&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=146687625&pt=1291459122&tz=60&viewable=true&ddast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:19 GMT
content-encoding
gzip
server
nginx
machineid
1439
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t2.teads.tv/ Frame 0F31
23 B
134 B
Image
General
Full URL
https://t2.teads.tv/track?action=visible-5&vid=fb0a976f-fff4-4ac7-9efb-13f9f8b9ad16&gid=1088630&studio_cid=965cfab0-6db8-11ee-bb82-f7c60699fc5f&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=eb20b267-b704-4252-8ebd-dc896e9fa32e_c5d70015-be21-4734-a014-c2f87e03ee14&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1699178654464&cid=1151811&pid=169092&p=lG1q1ZXwVP6XmHXGUpZFOiE0XSruROrfyylRfULQFp8XiUClmOgBB5RvQNlTM-BBNTx63uLp9gWWrXC4oiwF54hI72-eyiO_hsU-8BrYulQ3CRyVJRkZ-yeM3H0cFp9GayJhlR6M-jT9YYek2btNPdVOZYjeIvJVsywNa1pK0z6wb1nJjcN00BRTJfhcYfFneXm8fNd-8TYxfAjGWe2UJXNipxYRFIgFWDK6ZPJw0JE39fVJbbGGJTGomrJLkemv0gTCVr74DXbT9_0evkFEHEVtUCBoD1QqMzjFVuwBRbQUiia29uui_kbiDtCqHtW4JjAlyb1EP19N79nW3v-ukAECiEvqkb5gBzTtDOL9CZyggg&cs=645352859577768645605&slot=native&fv=1283&ts=1699178660059&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 05 Nov 2023 10:04:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame B131
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-ew1.doubleverify.com/ Frame 3E09
0
301 B
Ping
General
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=15034f397d0e46b7a2828a3d9d65365a&flavor=0&gdpr=&gdpr_consent=&ee_dp_cadl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&vdur=165&eoid=17&te_exec=0&msrjs=4866&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=204&tetms=10&msltms=76&vltms=165&sei=289&vetms=117&tuviims=565&tuviems=847&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=264&msrcannum=2&ee_dp_tmads=2761&ismms=425&isumms=425&nvr=2&isgmmims=425&isgmv4mims=425&elmtp=4&isbxdms=2725&b0=2422&dvp_vsosnmr=3&lftb=2422&sftb=2422&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=424&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CBODY%3A1%2CIFRAME%3A16%2CSCRIPT%3A3%2CDIV%3A2%2C&ttfurm=3659&cbust=1699178661256275
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mediaintelligence.de
Pragma
no-cache
Date
Sun, 05 Nov 2023 10:04:21 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-04T10:04:21
jfILrWwkZY0t8MFJSLBhr%2FsvlBaNTJe9cQvcQ7S70J6tlro%2FypIjLSFKsuWf5JJc78ANRpnB2eakQP2hGttC4m1WMEKyuQIeNQ2Rf8TjHRNlMYWJ76lHINrzFgrqA7bgsYeUGczZKdUWoyW1B0NOwTQI9404xiY6CGZaylHxHY2E5X3fhkzdPPm%2Fe%2B3xf...
ad.vidverto.io/delivery/v2/content/tracking/progress/1813/
50 B
50 B
Image
General
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1813/jfILrWwkZY0t8MFJSLBhr%2FsvlBaNTJe9cQvcQ7S70J6tlro%2FypIjLSFKsuWf5JJc78ANRpnB2eakQP2hGttC4m1WMEKyuQIeNQ2Rf8TjHRNlMYWJ76lHINrzFgrqA7bgsYeUGczZKdUWoyW1B0NOwTQI9404xiY6CGZaylHxHY2E5X3fhkzdPPm%2Fe%2B3xfxH2COPbWzegD36TVRNVNfwLqg%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-hua-jing-1ri-po-2qie-an-xin-hua-jing-you-hui-ban-jiang-biao-yang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:04:21 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
797 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1699178662002&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=146687625&pt=1291459122&tz=60&viewable=true&ddast=V88fgCLAYwYN1WYwjTpRFgwLqtxhCmSysAAABgYID-AAmOfMvNxGVxqxyTjVu0Gw7XwuXItRZtHAvParVZrFw2IyC55WRjstgca5XDsluLZoPFWjkcOdfC5WizWuxGztHGMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZeaDodPte9Xvf73SU-z1zj9yv8wqfdLXQ93FKn3edWTJ5uwd8tWTxdboXdLXza3ULXwy112n1u5d_1FrqebonD7pY6HXafW-J0-N3Kh91nF5reZjsAAAAAeACQFvsI4QcQACACAAAAgAQAAAAACgEV_i0IXAAAAADAALBwu6oB4JkDwhgdbovZb_cHAICHAhAAAAIYJAAQ0A9LAMQY750AAAAAAAAAAGDx____H2MAv7JPBsHAek0PgAcfAA9EClSLMAIAAAAw7Jw2eGSSTlCxqAIAQJBuBeAKAEDAoid8JkMYAAAAgTEL9LD4_WaHXeN3uwwAAAAAAAAAgJn_M_9ohHY8cNMATRd-qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IGZyzYYri8czXEw2lonHspkNRp7hyOUcLnfLiWV7oMp0-T5b2zv6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYjLZrJtLMu1zLKcuEUz38itsGxGa81k5JmMDBPHxLBbi14f08c0WLkcyy0SDCDbi-AinQgeZrfD9HJLfJ6N3yKWaE4W6UR22ddMrtlwZfF4hovJxjLxWDazwcgzHLmcw-VuObHsKy6bybaxLNcyy3LiFs18I7fCshmtNZORZzIyTBwTw24ten1MH9Ng5XIs943ZcrnYDWej5b4xWy4Xu-FstNx36Azf1edsVJZVko_KZf1uL9ea06BwGSzel_p0HhaMBfXZc3QKPZ5nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEZwu0onoZTxdxBLJ0yKdyCYb08RhmNhsy9nKMDFNXCvTbmKZmJaT4cTlG03EEqXpIp3oFX7h0-4Wuh5uqdPucysmT7fg75Ysni63wu4WPu1uoevhljrtPrfy73oLXU-3xGF3S50Ou88tcTr8buXD7rMLTW-zRf1HD7FczSWD2VwxWM0Vm8UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1yslgvgIihLF7AJAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt5RhBrtVrWAAAABLABAAAEcNONNwErkZx9QFf6PXCj1wr8CmIzWu72D0CFWKvV8vlirVZL4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!strtimdtprd8_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 10:04:22 GMT
content-encoding
gzip
server
nginx
machineid
1477
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
ax.php
a.gsitrix.com/js/ Frame 73C0
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Sun, 05 Nov 2023 10:04:22 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/89c79dc706cdb76518c75a4ecb0fb9e7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/13e41329af74c7e197cc1818b765dd0e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/47333c298b41676b43aac7953f4f50fb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/09562f02bfa71be0bbbdfc6faa4b19ee.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/9c0420e74a6c51db3bdf57c58d58e4d9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7924dd80333f17e34cf02772985bc73f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/86a9fab4527501eb0cdd4b46c954e9a6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/033dac8d8fc804c3d24fdd8bb3380935.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e64dcf78da48ba90042d3b56bfaa97af.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/bc407da50850f997c8fffbf808a584d4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/21369f91b1c1d9d5547eb1ace1182ab1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202203/a054d18274a07a9ed5ad0b3615140588.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0cf953a8e7d62c3e3e201a930d63af33.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/68943cd6b2c528e904c8b02d69ff02d4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f5d987e5433ee8797f0152bfbb18743c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6ada7ff64c475be3de41cda3ac1dbe0c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/467a4a215f3b32ed302e1f1100f7fe0e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/a78ed149813521ba82d80c4ca2bea50e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/5ab2ac923bc25962d5052c507f494aab.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/db87adaa44ab8235a75f71d918d5cf33.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d2ee3a3b9dbb8105f57623684dcd528a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/95a2bc9c7772e73ef625ddab78d90e7b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/6d846d2bfbf92341a77538333d1ea717.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/875c737c7e5a268b3077bec865e33cd4.jpg?w=150&h=100&q=100
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3DAE9542-D0A7-4EFA-83E2-F4F53393B478
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_tag_data object| google_js_reporting_queue function| _typeof object| TRC object| _tblConsole undefined| msg object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| setImmediate function| clearImmediate object| adRecover function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id string| nam object| placementData object| aries undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| ucf object| request string| paramsString object| google_reactive_ads_global_state number| vidverto object| regeneratorRuntime object| aries_registry object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| cmTag object| Criteo object| _cm_wfCounters string| lastWfUrl function| quantserve function| __qc object| ezt object| _qoptions function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _aries object| inViewWindow boolean| noPreviewPage function| startCMTagMain string| category object| vidvertoPromiseCache object| closure_lm_445410 function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| google_ad_modifications object| google_prev_clients object| googDdmPs function| VidvertoPlayerVideoPlaylistUI object| closure_lm_961531 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| closure_lm_777415

216 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARC2FgoGCKIBELYW
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1699178648.D5434AEC408A4FF3E79AB657FBFAFEF5.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1699178648.0
.statcounter.com/ Name: is_visitor_unique
Value: 1699178648298528511
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1699178649.1.0.1699178649.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1267633721.1699178649
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dbefd6c29-f29b-4f7d-a234-32d32d0b1b07-tuctc40ee19
.bg3.co/ Name: __gpi
Value: UID=00000cb523974ba1:T=1699178649:RT=1699178649:S=ALNI_MaNWK4CY_Q8goIVK5PcapmIceVtRA
.doubleclick.net/ Name: IDE
Value: AHWqTUmGAUTEdNTZyZm-6NrLkJxMV5Rur6jL6eQnTZGNHnqF9EFwLeQC9wmXQ2oxeA0
www.bg3.co/ Name: __AP_SESSION__
Value: 2bcf3027-c102-4d7e-9174-ecaa23b9e485
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: c5872001-d71a-4247-8bce-0e7ca612a0c4
ad.vidverto.io/ Name: moxuuid
Value: 812592df-482f-48ec-a7c3-7e740bda025f
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1699265050
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1699265050
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1699265050
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1699265050
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1699265050
.aralego.com/ Name: sspid
Value: 445288e1-466d-32e1-9eb0-39836b99d2f4
a4p.adpartner.pro/ Name: apuid
Value: f42ebbe5-cd2b-4b2e-965a-f939dfd707ec
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: 38457c9cfb3787ed3baab49d3aeac213
.rubiconproject.com/ Name: khaos
Value: LOLB3IFW-1C-2D87
.bidswitch.net/ Name: tuuid
Value: 330265bf-f52f-44ea-a3cf-f9ea286f4b9c
.bidswitch.net/ Name: c
Value: 1699178651
.bidswitch.net/ Name: tuuid_lu
Value: 1699178651
ad.vidverto.io/ Name: adpartner
Value: f42ebbe5-cd2b-4b2e-965a-f939dfd707ec
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.aralego.com/ Name: euconsent-v2
Value:
.prebid.a-mo.net/ Name: __amc
Value: 2_1699178651_1699178651
.teads.tv/ Name: tt_viewer
Value: f6e093ab-4ea6-40df-83d5-94a87750e8e1
.quantserve.com/ Name: mc
Value: 6547689c-67922-06a76-adff4
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 0152d61b-5cba-5235-b79b-c321d2dcabbd
.betweendigital.com/ Name: ss
Value: 1
.admixer.net/ Name: am-uid
Value: e7f807f077cc402a99a3a82d9262ddb6
.bg3.co/ Name: __qca
Value: P0-1567207863-1699178651251
ad.vidver.to/ Name: bidswitch_com
Value: 330265bf-f52f-44ea-a3cf-f9ea286f4b9c
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPTEIzSUZXLTFDLTJEODciLCJleHBpcmVzIjoiMjAyNC0wMi0wM1QxMDowNDoxM1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0wNVQxMDowNDoxM1oifQ==
.yahoo.com/ Name: A3
Value: d=AQABBJ1oR2UCEK5nykioRT2cWyskTWu4Kd0FEgEBAQG6SGVRZQAAAAAA_eMAAA&S=AQAAAq35dPyOtt8hv4NupdZPMZM
ads.smartstream.tv/ Name: DID
Value: 3f32daf882ff0df953c51198072a273e
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1699178653894
.tapad.com/ Name: TapAd_DID
Value: 62ba537d-0d9b-4b0d-8151-3774443e12e0
.linkedin.com/ Name: bcookie
Value: "v=2&ea562459-510c-45b1-8d3f-88138902d9f0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTkxNzg2NTM7MjswMjETdATvUSaV8QAhb7TyaxDhLDpT5BrBmnxIBajwUFTfqg==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2871:u=1:x=1:i=1699178653:t=1699265053:v=2:sig=AQEuvuUer3cOa7ud67tNb-hxMylsewTo"
.bidr.io/ Name: bito
Value: AADYHE7KjtEAABi-8U8OSA
.bidr.io/ Name: bitoIsSecure
Value: ok
cm.adsafety.net/ Name: UID
Value: CM12023110510e1581be49ec9a69fdd8
.adsafety.net/ Name: cm_uid
Value: CM12023110510e1581be49ec9a69fdd8
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbEd3Y0JwTndmbVIrSEszdXlEWXh2NFJOamlZR0N5RVhwOG0zOUVLbStrbXZSVUxVNExRbFpBOVl5N0YyNXM3MEE5ZFJCZWVxTnovNVZ5TFlvMUt5QmJUMHVWRUNJRnZFZ3pudVJTeitIeEJoM2NyVWRQWHVBbnZ6RXF3aC81WmhIdUhhR0Q2eDg0eGNFd0x5RUREbmVkaDgzdUIvR3dUbCtWOGk4VldCeHEyQ3BHdy85V3VaNmt4WkE4M291Qm5NTVUzdXFabHVYZzIweWJnV3lTMVRCdkl5VUhRdkI4dmZ5OXNGVnB0aEw2U3dBakwwekVrS0wraTFBZEFLU1R6cEQ4L0EyRkVmWEwyOGI4dHJCSiswdHpJVytaRlJ3R2l4Q3ZLM0s5SWVycEJWRHh5eVVJQ2hmUTVoMzZORmlXVnB3PT0%3D
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.connatix.com/ Name: cnx_userId
Value: c9960768533d43a18b202c99aca554dc
.amazon-adsystem.com/ Name: ad-id
Value: A7vtg7uY2kpckWFSzgbIwnY
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1699178654.1.0.1699178654.0.0.0
.ipredictive.com/ Name: cu
Value: 45d183f6-784b-4200-92b5-c2dd62722804|1699178654337
.bg3.co/ Name: __gads
Value: ID=fb45440c89c66303-2250b5edc5e40052:T=1699178649:RT=1699178654:S=ALNI_MbxL7XwcpDIJ4uLKVNqOgjvtiUFxQ
.www.bg3.co/ Name: _im_vid
Value: 01HEFF1B0AJE3X8XDMWT6CKGST
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.casalemedia.com/ Name: CMID
Value: ZUdonnUBhaXLGOaTV5j8PwAA
.casalemedia.com/ Name: CMPS
Value: 3211
.casalemedia.com/ Name: CMPRO
Value: 3211
.adnxs.com/ Name: uuid2
Value: 560559417966471935
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2GU$iM(QM!]tdA8i_iqf!oN/@E'zz<*Z0QhRpCj?Y?>R%c<D[Qp`>3cM^#tYvqsiJ)$Z@3If)y3M7g`[!h4>%5J?r6$V*WP%O]@qTi@=Uod/q[%z5WCnY4PHbVl?
.openx.net/ Name: i
Value: a0dcc928-1e2e-0358-089a-2dfbaea9c593|1699178655
.openx.net/ Name: pd
Value: v2|1699178655|gen0vNvQiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-05T10%3A04%3A15%22%7D
.agkn.com/ Name: ab
Value: 0001%3A1odNVAuMrGkB%2B1Sw7uQAsvhZIJPI1elH
.criteo.com/ Name: uid
Value: 4db5e908-fa87-402c-80d0-db8dc049adaf
.krxd.net/ Name: _kuid_
Value: P5cFifIb
.bluekai.com/ Name: bku
Value: m3X99J2GHtVbuyL3
.bluekai.com/ Name: bkpa
Value: KJy9DQY+d02pSUHknpx6meDTwtkAwVRtjE981tainEHkRER+BeOAji6T1txNnEA6REQlBpDyjECk1P2k5P2MSYjLSVNo5e6hJk26wEWtmEAhBpQtBEx81eQe91r0aFW=
.adform.net/ Name: C
Value: 1
.lijit.com/ Name: ljt_reader
Value: HmtcqRZHKKxQCNToSiG04FzE
.adform.net/ Name: uid
Value: 4365169368219957760
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_337
Value: y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
.servenobid.com/ Name: pid_312
Value: 560559417966471935
.servenobid.com/ Name: pid_339
Value: y-rIjS1s5E2uGSPwquIVg4W8zk1VLXv0ZcCKpU7Nc-~A
.servenobid.com/ Name: pid_310
Value: HmtcqRZHKKxQCNToSiG04FzE
.gumgum.com/ Name: vst
Value: e_0c73a63a-8ab1-4d61-bb45-1cebd797f345
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrAwMDK1MDEwshTiM9S1jDQ3CTb0yMvMSs8CAMSHdMwlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrAwMDK1MDEwshTiM9S1jDQ3CTb0yMvMSs8CAMSHdMwlAAAA
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_333
Value: ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB
.smartadserver.com/ Name: pid
Value: 921275781204401352
.servenobid.com/ Name: pid_324
Value: 5107433830802584029
.minutemedia-prebid.com/ Name: wrvUserID
Value: bLqnz8tzkp_mm
.simpli.fi/ Name: suid
Value: A733B80763334980A73B8DC23A3A4730
.turn.com/ Name: uid
Value: 4110564080573384483
.w55c.net/ Name: wfivefivec
Value: D0oqKbBL1QZzZl5
.servenobid.com/ Name: pid_317
Value: 3301365640955944149
.company-target.com/ Name: tuuid
Value: 05eced64-5c38-459c-915a-1c5b8cf23521
.company-target.com/ Name: tuuid_lu
Value: 1699178655|ix:0
.w55c.net/ Name: matchcasale
Value: 5
.go.sonobi.com/ Name: __uis
Value: b98c64b4-2318-4e71-ac8e-78d7b159c759
.nrich.ai/ Name: _nauid
Value: 5d08d8d6-4b6d-427f-ae3e-d81152dc9be0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3DAE9542-D0A7-4EFA-83E2-F4F53393B478
.ads.stickyadstv.com/ Name: UID
Value: 78799c6a3124dbcab4ae5cebb5a35181
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZUdonnUBhaXLGOaTV5j8PwAADIsAAAAB
.servenobid.com/ Name: pid_309
Value: e_0c73a63a-8ab1-4d61-bb45-1cebd797f345
.yellowblue.io/ Name: wrvUserID
Value: sTvc-5a-kj_s
.3lift.com/ Name: tluid
Value: 1159291947775073476968
.servenobid.com/ Name: pid_348
Value: bLqnz8tzkp_mm
.servenobid.com/ Name: pid_332
Value: ee84a77e-fd3b-4db3-be70-13cc9f522369
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~2evm:18z8~2evm"
.liadm.com/ Name: lidid
Value: d12ef3ac-66ad-4b52-9145-5ccc59f92f97
.quantserve.com/ Name: d
Value: EPwBHgGtKvijCJiTCuu4EM-7EA
.servenobid.com/ Name: pid_352
Value: sTvc-5a-kj_s
.betweendigital.com/ Name: ut
Value: ZUdooAAHlWjZz_1zRHh7A8NKgy-wqTU0cSeJxg==
.smaato.net/ Name: SCM
Value: cef7bce670
.smaato.net/ Name: SCMsas
Value: cef7bce670
.servenobid.com/ Name: pid_316
Value: 3DAE9542-D0A7-4EFA-83E2-F4F53393B478
.adsby.bidtheatre.com/ Name: __kuid
Value: 3528f569-b71b-446d-a58f-7275e2f3f0cc.468392656
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec&KRTB&19420-kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec&KRTB&22979-kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec&KRTB&23403-kTUhWpE4LA6KNiJUlTI4XZFhIluKYXELwTRGJlec
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECDAPQLEbCaUhVyYsvz-bYE&KRTB&23025-CAESECDAPQLEbCaUhVyYsvz-bYE&KRTB&23386-CAESECDAPQLEbCaUhVyYsvz-bYE
.mediaintelligence.de/ Name: trs
Value: 654768a086fdca1bc425b86f
.rqtrk.eu/ Name: browser_id
Value: 1:9bd2371a-3797-45b1-aba1-a4b0f85f88f8
.dotomi.com/ Name: DotomiTest
Value: 46a80c7622201718
.weborama.fr/ Name: AFFICHE_W
Value: orZdDQX4dJCi81
.sitescout.com/ Name: ssi
Value: 28e094f1-12ba-48f4-bf8c-2ec2a773d466#1699178656584
.awin1.com/ Name: awpv11482
Value: 412871|1699178656|addabed1-7bc2-11ee-92fe-22394270969d
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003%22%7D
.contextweb.com/ Name: V
Value: 9NxgOBg7r0Qm
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4b14fd57211795df
.creativecdn.com/ Name: u
Value: KXWhMQCskTN1IeTZXbCj
.creativecdn.com/ Name: ts
Value: 1699178656
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433830802584029
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4365169368219957760&KRTB&23263-4365169368219957760&KRTB&23481-4365169368219957760
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4110564080573384483&KRTB&23150-4110564080573384483&KRTB&23527-4110564080573384483
.ctnsnet.com/ Name: cid_6c1a167a48bd4467872ac90e2421ad63
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-560559417966471935&KRTB&23339-560559417966471935
.adfarm1.adition.com/ Name: UserID1
Value: 7297916757596240012
.csync.loopme.me/ Name: viewer_token
Value: 5d76074c-21a3-4423-bd8e-4d184977a583
.de17a.com/ Name: guid
Value: 1.1829029783605596279
.awin1.com/ Name: awpv18851
Value: 412871|1699178656|ade60970-7bc2-11ee-bbbe-22643cd2ee20
.awin1.com/ Name: AWSESS
Value: 382783:2578904
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_a3b5a9c6-d4b8-44a8-bbfa-cbec1a1b4341
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5OTE3ODY1NjY2NX0
.shb-sync.com/ Name: smart_usr
Value: cc0176d1-73d9-45a1-8cfb-4e8656e422ad
.shb-sync.com/ Name: smart_r
Value: 32095
ads.playground.xyz/ Name: connect.sid
Value: s%3AFq2LG8wPvMEzb1zoXWMGCAYcTbT67C1m.gJc54bKWKFt%2FexMmv1L1fmWh5H%2Bqu9Q1cA80WdMz6WU
.adx.opera.com/ Name: UID
Value: OPU82cbf16a609a4c99aac7f0bc5e1bf659
.mediago.io/ Name: __mguid_
Value: f34e9699b21352ab2w1xez00lolb3mgv
.servenobid.com/ Name: pid_321
Value: RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIylCUMD5tWQMMaTuOAAAAAAA&KRTB&22713-AAAIylCUMD5tWQMMaTuOAAAAAAA&KRTB&22715-AAAIylCUMD5tWQMMaTuOAAAAAAA&KRTB&23519-AAAIylCUMD5tWQMMaTuOAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7297916757596240012&KRTB&23369-7297916757596240012
.richaudience.com/ Name: pdid
Value: ef7ce51d-bdd1-43e7-9b06-1zz1699178641
.mediaintelligence.de/ Name: emid
Value: 654768a086fdca1bc425b880
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 421c10bcb05aa53a9e3b61722457b34
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUdooAABdUVErQAU
.rezync.com/ Name: zync-uuid
Value: ddcafca0-5d07-4d4b-82db-4d20aa85a87c:1699178656.653733
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU82cbf16a609a4c99aac7f0bc5e1bf659&KRTB&23485-OPU82cbf16a609a4c99aac7f0bc5e1bf659&KRTB&23524-OPU82cbf16a609a4c99aac7f0bc5e1bf659
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348&KRTB&23418-28e094f1-12ba-48f4-bf8c-2ec2a773d466-654768a0-4348
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1829029783605596279
.smartadserver.com/ Name: csync
Value: 31:330265bf-f52f-44ea-a3cf-f9ea286f4b9c|80:R7hkmEe1acxcu2eWQ799n0fsZ5lc7DTJF7nhqT-K
www.conrad.ch/ Name: HTLP_timestamp
Value: 1699178656781
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: w2dLd6._c.PmopCJc2eB_cKolyHbqv6EQK4QU2jswN0-1699178656-0-AbfG+Pz68VTE+HgaV8RQuwnUc6SydpkKBUiBe33QdMflmtEi6uWea4g4I2grzFHrT5gQmtMEF/6H2X6C4JEmJPI=
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3GyxHAIAgFwEvaIYMiH-0GeWMhqTzuab_HgMpTyaRgp4GxKTr2XefM0Ayv1WzO5mFqr6m4yA9fkal_OQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-330265bf-f52f-44ea-a3cf-f9ea286f4b9c
.us.ck-ie.com/ Name: CID
Value: 61bbcd43ac3a6b08ddb03418599372ad37cadc75
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23334-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23417-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23426-1S6dFtTSV3lGVnbORI-b58POaYM
.servenobid.com/ Name: pid_323
Value: LOLB3IFW-1C-2D87
.smilewanted.com/ Name: sw_user_params_infos
Value: Z6CRJEYjOUwW3q%2FISz0Xu86t2tyxjvKotmyujvYx8SsHItuq0X1CVTyfZIZq2qTkUgsAIHnxROE%2BOFo2SuT5DGbi7ADUV4CJYwpPLFhYXu3mcXzjDGrKiKZe5ktUJ3fjGmhqLYUSKv2yDUYiheXw4Gu8b13R6oRCcFaKgRu78YrSaoeKvWUh%2F0L96gcnWtqA2d4l8mRSqhK5LeSUND1KcW8gcDCFJEhEdQbdTKpX14KM7L%2BW6E9KlzFFO4VtiygKlmJWID1Lj%2Fb1hpRypK7s%2B68JPRLvC8P3HkTV3EAibJmZcGq1EzQZ0vych4ULihsrlGvWBYpfWjrMwL%2FY1VpX3wn%2FICUSlSzgwm6lcUyT2Gg%3D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nth|7dN.0.AADYHE7KjtEAABi-8U8OSA|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCg0Z2qBjABOgTwi70wQgQBFYMF.WhXyXe7jfNfZyyURY%2FP%2Bc%2Bd8bkgc%2BQTn6EuIq1%2FynpA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCg0Z2qBjABOgTwi70wQgQBFYMF.WhXyXe7jfNfZyyURY%2FP%2Bc%2Bd8bkgc%2BQTn6EuIq1%2FynpA
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpYAF199dX3WFqbBgMWySGKnddJL2ro258TCX98JwDoC6tShKkFau7Ez64le3h8dtUhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlpaG5hZmpmYmk0SdgsJSU5MS050UDXNMXAXNckxSRJ18IoJQnIMjJITLQwTbQwT7ZCaNIzMzU2NzaeJYxkkKWZ2SJUvvkpcQQfaJMxALFOp4t5AAAA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADYHE7KjtEAABi-8U8OSA
.zemanta.com/ Name: zuid
Value: 7esaQt_RUb4-MHMrWpyY
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOgzAMANG7eA2V83dyGWTiVIpa0orApoi7N7t50lywfMu-cSvtgHTsZ5kgv-tQh3RBr7-tvCCBUxisMWSQUDuyqCPcE_TSe_20pcp4RDI_M-PsBMNsxa4zaVlHaWQmxxRyUj5GFcg7__DOBGPg_gOz0yZQ.ZUdooQ.fOVaN1TbHKYuKaGijwSPFC2_11o
.socdm.com/ Name: SOC
Value: ZUdooMCo5r8AAAiukZQAAAAA
.rlcdn.com/ Name: rlas3
Value: KwSu3YjYwbYQfACpakvvgFkPSWxrYTr+EmbYE3ibyEI=
.rlcdn.com/ Name: pxrc
Value: CJ/RnaoGEgUI6AcQABIGCLbqARACEgYIuuoBEAA=
.go.sonobi.com/ Name: HAPLB8G
Value: s86222|ZUdop
.servenobid.com/ Name: pid_346
Value: ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
.mediarithmics.com/ Name: mics_vid
Value: 52943064419
.mediarithmics.com/ Name: mics_uaid
Value: web:1:5d86a229-57e3-4cd6-9278-023aa8067a04
.mediarithmics.com/ Name: mics_lts
Value: 1699178657610
.pubmatic.com/ Name: DPSync3
Value: 1700352000%3A201_245_227_226_219_197_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1700352000%3A165_220_238_88_243_99_13_254_249_204_21_56_214_233_7_46_55_71_251_54_81_234_161_22_264_196_3_8_166_176%7C1701734400%3A203%7C1699747200%3A223_2_15%7C1700006400%3A63%7C1704326400%3A69%7C1700438400%3A35
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-84e9c038-cef9-4c6f-87ce-1ad858e38c07-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1699200259088
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.zeotap.com/ Name: zc
Value: 3e48f8ec-b2c8-4067-6a95-6883df629897
.tribalfusion.com/ Name: ANON_ID
Value: aRnwJWPME7eQmKvCjSxrdUguOQcjrbxZaqpBX9Asdb6ocfhYnRB3R3H0VfCMXAdZaAZdZdVeMFexo2ZaoMQdFGfg3K7Q4rPIDZdmTUjPLxqZboD4iRMu7kGn7XUVSZcE6nGcQf3c
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-uroLIz3lVSjnRYWVnWaSTbQS
.pubmatic.com/ Name: PugT
Value: 1699178659
.onaudience.com/ Name: cookie
Value: 478f98ca358f62e7
.onaudience.com/ Name: done_redirects147
Value: 1
.semasio.net/ Name: SEUNCY
Value: F72A2C268184866A
.pubmatic.com/ Name: SPugT
Value: 1699178659

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/033dac8d8fc804c3d24fdd8bb3380935.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e64dcf78da48ba90042d3b56bfaa97af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/47333c298b41676b43aac7953f4f50fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7924dd80333f17e34cf02772985bc73f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/89c79dc706cdb76518c75a4ecb0fb9e7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/9c0420e74a6c51db3bdf57c58d58e4d9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/09562f02bfa71be0bbbdfc6faa4b19ee.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/86a9fab4527501eb0cdd4b46c954e9a6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/13e41329af74c7e197cc1818b765dd0e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/21369f91b1c1d9d5547eb1ace1182ab1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/bc407da50850f997c8fffbf808a584d4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0cf953a8e7d62c3e3e201a930d63af33.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202203/a054d18274a07a9ed5ad0b3615140588.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/68943cd6b2c528e904c8b02d69ff02d4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f5d987e5433ee8797f0152bfbb18743c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/467a4a215f3b32ed302e1f1100f7fe0e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/db87adaa44ab8235a75f71d918d5cf33.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/5ab2ac923bc25962d5052c507f494aab.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/a78ed149813521ba82d80c4ca2bea50e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d2ee3a3b9dbb8105f57623684dcd528a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6ada7ff64c475be3de41cda3ac1dbe0c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/6d846d2bfbf92341a77538333d1ea717.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/95a2bc9c7772e73ef625ddab78d90e7b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/875c737c7e5a268b3077bec865e33cd4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EveGluLWh1YS1qaW5nLTFyaS1wby0ycWllLWFuLXhpbi1odWEtamluZy15b3UtaHVpLWJhbi1qaWFuZy1iaWFvLXlhbmcuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://a.teads.tv/media/flavors/carousel.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
7ab47f7be212df0933e9d71403734c09.safeframe.googlesyndication.com
a.audrte.com
a.gsitrix.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
capi.connatix.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookie-matching.mediarithmics.com
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.turn.com
d5p.de17a.com
data.mediaintelligence.de
de5ff7d7cf1852c496e89b38e97530c5.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.rezync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mediaintelligence.de
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
t2.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
us.shb-sync.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
ws.rqtrk.eu
www.awin1.com
www.bg3.co
www.conrad.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
a.audrte.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
static.bg3.co
103.231.174.251
104.18.36.155
104.18.38.76
104.18.41.104
104.20.218.77
104.22.68.131
104.64.126.246
13.248.245.213
13.32.27.113
13.32.27.7
130.211.44.5
133.186.12.18
137.74.6.209
141.226.228.48
141.94.170.64
141.94.171.214
141.94.240.143
141.95.32.71
142.250.184.226
142.250.185.130
145.40.97.66
151.101.1.44
151.101.129.108
151.101.129.44
151.101.194.49
152.199.21.70
162.210.196.208
162.55.233.29
167.235.184.171
169.197.150.7
175.110.113.203
178.250.1.9
18.192.226.136
184.30.24.22
185.106.33.48
185.132.133.134
185.184.8.90
185.29.132.241
185.64.191.210
185.84.60.23
185.86.139.104
188.166.17.21
188.42.191.196
192.96.203.13
193.0.160.131
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
2.16.97.41
2.23.197.190
2.23.68.89
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
211.120.53.200
212.8.250.228
213.155.156.164
216.52.2.48
216.52.2.6
222.230.178.129
23.212.89.35
23.218.208.200
23.88.86.2
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b901:5f2c:97f4:e029:49be
2600:9000:20d7:5800:1f:4c18:bd40:93a1
2600:9000:211e:5e00:1b:5138:8a40:93a1
2600:9000:223c:a200:6:44e3:f8c0:93a1
2602:803:c003:200::37
2602:803:c003:200::41
2606:4700:10::6816:1957
2606:4700:20::681a:467
2606:4700:20::681a:ad1
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:bae0
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:280:382::26e5
2a02:26f0:3100::1725:e270
2a02:26f0:480:9::210:ee05
2a02:fa8:8806:13::1370
2a04:4e42:200::649
2a05:d018:d29:3602:15eb:19d4:d59:9b24
3.120.44.6
3.126.136.176
3.127.123.183
3.230.249.177
3.75.62.37
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.198.150.224
34.247.233.198
34.249.4.179
34.96.71.22
35.156.144.148
35.186.193.173
35.204.74.118
35.205.65.172
35.208.249.213
35.214.129.15
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.230
37.157.2.249
37.157.6.243
37.252.172.123
46.105.200.240
46.228.174.117
50.31.142.31
51.195.61.120
51.255.68.171
51.89.9.251
52.19.8.73
52.21.198.14
52.213.196.228
52.46.151.131
52.59.98.46
52.95.115.255
54.152.214.105
54.155.252.188
54.164.141.233
54.36.150.186
54.75.96.107
54.77.209.136
54.78.176.215
54.78.254.47
54.93.168.0
63.251.232.165
69.166.1.67
69.173.144.137
69.173.144.138
69.173.144.139
77.243.51.121
77.245.57.72
8.2.108.194
8.2.110.33
8.43.72.97
82.145.213.8
85.114.159.93
85.195.93.95
89.163.142.91
91.210.226.71
95.101.148.20
95.101.149.233
95.101.149.35
95.101.54.203
98.98.134.242
99.81.116.253
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a
02aef444d225d88a60f9bbb70f190757efd61304171291003c73df554bfadcce
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05644b318389d5b950b43cea5820ddba7d9a4847f5d35f32d69633c506552426
063c5ad5f7a9841baa04c6d1be02e2dc899de5d9cfc244160870bdced679e637
06eca77911c52c8c51c81166043013d81d67efa2dba421d5d5a0db7f9b9da880
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9322bf9955f51cf240a74a3a07a68061e75f9b752def4897df85d4dfcb8597
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
0eb612950bab80da54815a11e889308e8df01811bb17950058ff09e3a77047ea
0fa8cc5864981df7c04184f215bb13c031ee928376bcc8b3406eaaf47180d23e
1094a7e566c296c15bcfa02779a10b2f69ac9b7c75e2f883c77291f5d311f9e2
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
17ec579fcc54760dc311b0a6b284495059ee0067cabf38b8f623fbc563b80d33
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1976b2ad90c95b61cd1a449f6992d2c2908f337a462d2015f1c77aabded22705
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1b941ca306623dc2be58425fbdb0ce4bd642eae5401ddc7c5d23a9de47779271
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f73ca3ca5aa08959a088d050b97134eaf9384499c9e354bc69b237404b03026
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
207b5d5af193855b0b3c7068a3ec3f7b4a0594f18eec78d7a9c5a2f79c51b4ec
2155d4fa4db95a85d21ddfad33890834452ccccfa72d522489f51383cfa92910
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
23106e7c3c425ac991acdeb26c55eced3a41e8e439c65f794ef3fac7b1a5fe1a
24d760d81f93ca90bad80596aaac488d11b4e77863f29fcd17a2e7f21e9d7354
251f042187fdf6088f397ad7858a36859dfd7ab8fc1350cd1ff8ce84e5ffea7a
255a978ff1f8c157ef0cfef1d827789f3695eb1132c3f9665e3025cd3235a189
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26b53d9ef9d03daa5efbd24bd334c7ec4b55876d6ab0ffa70e4c388f741f1fa1
2849822cf4e301f243ffaa9d75ef79c1d11ff1dd58c3929c7f6c9a8b9d6c88b5
28d55df292b191f09b9ed2b575d1030beb6d934d862d6b8b7a6cabefaec04e7b
2925fc0c112154d5c56d352ed51ee6de878608fef503b03ddd94d13214851353
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
2c8764f4c3f4861c155dd3dec893e872541c17de02e49b166a7a6e642146afe1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1dc0df32e4e760234ca5955d470f67bbaddffa64c40de107a212a5043f33b7
2e490e0f3454ceb326e82465b930bdfebdd0b124ea4cbea540f81c78db790257
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309a1ec040b90186e8bd76ea73eda64f7aff0eaf326d0c28546699993d0bd3dd
30aa3d14e649b75624f72b93524908dd988078a4944590ac22524d208aa8f11a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328ceaba8d647e0e0f1b99568fa2a8669d575f7ffa502662cab1006a32cd2417
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330f7a02aa5131098a43f42ca0f19c8d1465a4ee1ef18f3326e9734c3f26f379
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
381aa5fd7594c3bedfcc9cec6d5402075e44abb2d639e5f90088678547420b81
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39b05f810dadf5060c7b3169cc159bae45b7dd24f5ef7c84a26ad773111b978e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39e054b609a755b20fc55c8e0b18ff3cf15c2685219da978d96b6cbb4d696b4a
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3
3b8aaffc92f26b686726acbe71d3fdd75b115c3a3908d86c77b1764a1a60adaf
3d313751e117a410553335b2a551ad3dfc1db923a463f34cebd67ee216ba4303
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a53e09ad6266849dbf0bf81d670e933c4072f6bca2961bfb97e7ec2570a4f4
4618c73b3cda93073557b27a3b8abd09750e3d720b9dbfd999aa49e9a0d13f38
4674fe542fd0aefd56811a0f617cb85d94dc9412761adbc6afd080b76e7253d4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ccca22f2d226d821e3b8462717e36dd5cf7342c1e48bae21622f59c8f63cac
46f183df12f053ff00f72b2835d7c4f6b70d2596f4722df2f540b9403242fa22
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a977037280fa6476eb10bcfe4c49bafeb377502760e65cc4674333592fe799
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd82df33f343d298fd238500198a5a720bffbb150f6a1a57448dee423faca0a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda9c477246f17f6191c65a4ccc13d0cdeff99c472a56f4cc1176eefb223f54
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fba7786e246258893ff5d10601988843424ad1af4b40ad57a2f9f69146c58a2
52aa1fc1c337a57bfc9cba0a2fca825fcb9087648f63424a7e7d8334d47cbe67
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b087a434e425d4cdc2be8d2283aebef89004cb28b4a32ecb5c2004f339bfa7
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f848aa08c9497d0e840fa6310eb511c6fc90f2ffc7d63fd7e9febdade47ec8
58f0e87fb9519bcdf1cd40111e5ae3d2992e879ecf126517571371861d1e4abc
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd
59c50c6bd34efe268453012b423d2f60933b261de950c7d0f26b79aff34a9b7d
5dcb4b5b1691d778d9e2590060ea65d53a3b0acbbbc16f513e17f13075f78b03
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6031758a273bf4cbb9e3600d0200c73235f0fd90939007ef7edb7eaa5f390bea
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6284df0f00bd4a37b7e380df638c5c0457a83d28a52001baab667eaecfe17f31
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
66168fa5f89845f41a2b9a483a19d5c8602bc732b19f8554f83c55494a0722fa
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6683a79368bab3435657192602ceba85a425c2c02a07b2e29d54a2f915cd17ae
66ba7ae4c8bc5b8dbdd180a31e0748cdae29d91336cb494260a7d761b9a0e29e
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7c28d22dd1d4b40b041d3fbeefa91a32b8dec11881cdfa975aeecddcfdbfa2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d98932f2759abc6e7730033a1f3f8d55e9e2ecd61d5c260932a57443222de97
70baee62d75487b471c75a1c02809ac4fea9eeb51eb20ca3f54d12c3f0a6d247
7319f99244a2c15adf4cf3b2f9b8106dcedf9a1d405dffed0044e611f7fedcf0
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
75142c35f7c00a41c4f722667770f7eda135d815f970b5e6be8de87095ea12f3
755d91d9ebb6a309a2429ded5b65120b7d245d47e98a12fa22157f1cd4f4f575
78165422bbfab7eb8f4fc7f811e5ab9a6f7fed8ce67a867c495db3ac4ee92fce
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7aa6b6e9a3bb07a6e7a1b473023f32f86b2b8672e3af6ef299d980882cc859a6
7ed524681c8f26b8f77c73f83b736ffd170c3417ead94f4fad38f78c746fa98f
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
80b0eceb85e0b54c34ca4da4a2b11fa7e7efd11c9d7dbee2c6f93457c5c16ef1
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
816ca840bdc590fdfab455bd69948ab35606da38837ff60c39990d4cf9c9f633
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8361799fe0baa827e7187e37022faee3802c35c3a569acb24555da83c5722b98
83a763f0e028265bb83be112d12f8c2f39cdd2948d9f9811a85b2a111301fd74
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84533f107284efd70e7ce1c3e84a7f6cd17e843183a6cf170a7576ebf247f017
84b3099389d3f4a1bc1a5d94e8684fcfb7c09d279598ff2ed8fc555273e86230
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8930f8393450950927519a0abfdcc5d76d4908859176055d023bfdc54463d1d4
897d1bbe14a316d047465b8c298c5a05fc624df549e25012cf2e3626b2a0a146
89f70125ee3333119eeae42a95a9f2fef92c9e5550969dd3583337323d53c98d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab3b73990ae3e3be837ae5c7589417935c1d4be0a9d73af971e231483b5d5bd
8ca00ea1d95b0369e3fee0ae721bf9f172501a7052c1131036da7823a0a1830e
8cc039b3eb06f163b57045dca66e2d6143369dde0bb2d4615a4407a37e8e0b67
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
941a83f6ab9f7fc013beb8ff41121bde6843cd3e1fd5166cf17234b217238cb5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
97b55d053bd210be0b239f66040b2178e861c97f48334298c0737f645dfb4828
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e702ad6560628ca32323265fc816700ba47a40eaf5fb260dc0adc96a7c89ef
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a10ba9428262a096567aebb993ca8a7999e67ccccf7ead99f5c700cbf93103c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9cab3225bc5ad29cf87d85f4907379efb2fad2cc3fd78b64890accfc2d956606
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01c1a0c3ac98e1605b87f957a8d4704c409ae915a5dca0c02ee9ddb92ea5334
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a26b73a16ca2890697755f54e3d584a0fc7d2b9983d7afea913c61e1ed73f338
a2b6fc91ad20e2d027577681a0afb290e1c341429fc4dadd30565bab7d9b541d
a3cca83685c5fbbe7646bd22e4defc30f704cf843fcc996e50c03d6ab602811e
a431c0869e49b79160b64910f0fcaa34f9a24e5603d085f8cd7bf8e105b0a25a
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4e4719ed51405a4c87ab0ddb8d69620d9afaff97faa3a1040046fa2c272c988
a6151366e4a13caee40722eb6224f01434cce5aae67aedd688522639ed0ec99b
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7442146a665b846ad4f03a05013db468e4386b2cd9d3312b059112b69207bd9
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a9970cd25be69eacc0338425d98f1ad6064c54fe4d51d5232108cb2d1e594abe
aa2dd03f1dbea5a540be099b05c71b8f902e0482ccd987b2a3b410a9d2b4dd7f
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8e897ab5cdad4df9514d0978ccdca9a75220a2099fcab931dfbcdcd2d7b893
aed23d753b8ace96398ddd3b0705b654e37a7d81cfbb4c5174ec04539dfcc0aa
b0fbfcf740e15efb06f5675cde2f71ecc0fdf90a23bfc51e3b3ce4701576b475
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14bba8cbd353dbae1ac3cc252ac9e028280a36fa9cef8cc3eca12ba5cee45c3
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
ba1e72fa21b154ee9095881e61112a411513758f51362824fc09ad3696b53b6f
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bd28563e5697baaad4af9ad150f0fbc91df7c7337d9ce5b2c1a4f42c38852f38
bd572090883bcc5dac1ee41b72ad36a3bda60eabcf3a8f4912d3860636640326
be29e312c0205fde8e880cdb274f00258eed12e91a08cc1dbcbac24959891769
be785b38a2722604221c19d58f113a383814627149afcabd6885552c629dfaf9
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
c060261c4e9eb931525fde154a4ec936270460a323bd9214a001384f87e46c2b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c240d086c01646f9f5ce652d31e71aadb74564b68e64f57a583c8e1cfb170246
c6d2c15417ece5810ab49b0733446e929b26927dbac35048bb190f2b66c7a31c
c70324a0361fb1663960684b02c4924af5fd31d8a29c90e4d3d62d3f64f606ae
cb0ddd1c7207dd09e38de1312cfc2aedb825999d5acc2389f1828ea4c9ec7b79
cb7c0762076b1acb4735d1a49bfa0c8d5dce7f8f0fb90c58309c7ceff0de73e1
cc44d54e624144737bb4645074c701dab38c2a328c9a878d236d355afd3b0e71
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cdd46c91676da96a36490fad39c3b9e07ccd5f03b9f859fcc8403f8a6f58607e
cee99bbb02727f60a13953bb2e143d789811fd300be17e2b2625a7def94d8fd2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf78f595b41917c38d6753af680fe5e46850a184686a4e635e31a1921915aa7a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1ffb8aea2ec470a79c8992da90c79e4a1c1fd7b2c46abb3a6dbce67cba5c5e5
d53061b329e42c194f8f1920384802008342fa76b98b474070594fd1d152d837
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
d825171ee049738384d39c60a6f320f7c0a8705d6e182ef85ce5aa6c408fb4d5
da8db293643b0a25ba0d3ab6fcf955cc50d83ae3a49a1e51b459fbd7e7189bc1
dbab2479973e41534f5b41558f9dc51b9a9d4606f727208c556f02b46dab3316
dd36b72b03f5033f5aa6dc07d25b69cf8b57c64a1050fca404cba1c573d96b2e
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e027999d370411b5437ccffa2ae698c793bc2a74ed2d7e3d1992ec9dab9dd1c8
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e209b170cae20dae0c0c8ef1192307cc06a5384086414bc543608d2d149f26ed
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425f9ff85c29aa66c77eed5de0c1e8ab967ff55483a271f99822b7ec33fb418
e4768b726957aec13a94dc337d235313091d234dd321066284ed2aac68d7e4ad
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e9472ca3ae802b7adb200b0220a6295f0415819a8837907225478c7bb0bc8d90
e9c0daf6dcb01a16d66643010c53de3e3ee1aae1f2930a13ef28e521d4b7ba48
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee0dbcc39c93f71fc437d979df07e138fd340cbe06a3bdc81b2426b31bbbbdea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203c17cf99e14a52f412a713a664a344e4b68c351f0bc2fa37c0e2766fc36e
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c
f1da192498233c026ad16b776fa5bb5e49994b7b31e7b09146dca3d741944639
f2b95a5da3d9bd50159d153084441751a02fa516e3991f9e1f680fd18e4e2555
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
f8383a5be6d1a813f66622bf5428d3d3abe09cedb1141e6c69c48c9fadc8f381
f9e7f6a7a84271db6eeb2d090d80879c37d382ec80324b3ed5c16fb50d8bb695
fa0cd43fbef91e806c18c731d15b61f086cedd25af360cc5f28c74b1fd9301c4
fd9f1c20e604b9ea21c51b520475858e8b9abfb6987e2bd10db0e9c0d53d757b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50c1a50cc8fc3493ed21f3cbf9fa572cce75af3baf98cb081bc6b5a0f61d22