urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Submission: On November 20 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 15 countries across 121 domains to perform 587 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
8 152.199.21.70 15133 (EDGECAST)
36 151.101.193.44 54113 (FASTLY)
2 5 162.210.196.208 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
6 2600:1f18:24e... 14618 (AMAZON-AES)
9 23.97.225.52 8075 (MICROSOFT...)
24 185.132.133.134 49981 (WORLDSTREAM)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 51.89.9.252 16276 (OVH)
1 18.197.219.206 16509 (AMAZON-02)
1 18.196.139.135 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 5 35.186.253.211 15169 (GOOGLE)
8 23.35.229.56 16625 (AKAMAI-AS)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
15 104.22.69.131 13335 (CLOUDFLAR...)
18 54.171.91.135 16509 (AMAZON-02)
1 3.248.171.173 16509 (AMAZON-02)
3 8 104.18.36.155 13335 (CLOUDFLAR...)
7 11 185.89.211.84 29990 (ASN-APPNEX)
1 4 147.75.84.158 54825 (PACKET)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
8 8 3.69.104.214 16509 (AMAZON-02)
6 6 178.250.1.9 44788 (ASN-CRITE...)
1 185.165.240.175 49981 (WORLDSTREAM)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
3 222.230.178.129 2519 (VECTANT A...)
1 167.235.184.171 24940 (HETZNER-AS)
1 185.86.139.59 201081 (SMARTADSE...)
3 3 23.197.120.249 16625 (AKAMAI-AS)
14 23.52.120.246 16625 (AKAMAI-AS)
3 151.101.1.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
6 185.132.133.133 49981 (WORLDSTREAM)
2 2a00:1450:400... 15169 (GOOGLE)
18 27 69.173.144.139 26667 (RUBICONPR...)
6 2404:6800:400... 15169 (GOOGLE)
1 185.84.60.20 198622 (ADFORM)
8 2a00:1450:400... 15169 (GOOGLE)
14 52.223.40.198 16509 (AMAZON-02)
4 11 133.186.12.14 10010 (TOKAI TOK...)
2 2a02:26f0:c6:... 20940 (AKAMAI-ASN1)
7 141.226.228.48 200478 (TABOOLA-AS)
13 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
23 2.18.161.51 16625 (AKAMAI-AS)
2 5 54.239.38.253 16509 (AMAZON-02)
15 29 142.250.186.162 15169 (GOOGLE)
2 5 52.46.128.147 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 11 2a05:d018:d29... 16509 (AMAZON-02)
7 7 52.30.78.43 16509 (AMAZON-02)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
3 3.125.27.82 16509 (AMAZON-02)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
6 6 3.71.149.231 16509 (AMAZON-02)
1 23.50.131.73 20940 (AKAMAI-ASN1)
5 15 2.19.245.101 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
1 95.101.200.166 16625 (AKAMAI-AS)
1 35.244.174.68 15169 (GOOGLE)
1 18.184.223.197 16509 (AMAZON-02)
1 34.247.45.174 16509 (AMAZON-02)
2 54.76.38.94 16509 (AMAZON-02)
1 3 142.250.181.230 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:e... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
3 17 34.98.64.218 396982 (GOOGLE-CL...)
1 1 222.230.178.32 2519 (VECTANT A...)
1 1 172.105.232.22 63949 (AKAMAI-LI...)
11 172.64.151.101 13335 (CLOUDFLAR...)
1 138.201.63.117 24940 (HETZNER-AS)
1 4 176.9.26.250 24940 (HETZNER-AS)
1 95.101.200.23 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 52.222.169.84 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
1 76.223.111.18 16509 (AMAZON-02)
2 6 198.47.127.19 62713 (AS-PUBMATIC)
2 2 69.166.1.67 27630 (AS-XFERNET)
2 2 2.18.160.23 16625 (AKAMAI-AS)
2 3 185.86.138.154 201081 (SMARTADSE...)
1 88.99.65.215 24940 (HETZNER-AS)
8 9 37.157.2.229 198622 (ADFORM)
2 18.200.168.98 16509 (AMAZON-02)
4 2.18.96.187 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
3 54.85.125.66 14618 (AMAZON-AES)
2 2 216.52.2.86 32475 (SINGLEHOP...)
2 216.52.2.30 32475 (SINGLEHOP...)
5 5 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
4 4 193.0.160.130 54312 (ROCKETFUEL)
2 2 18.211.228.116 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 80.77.87.163 46636 (NATCOWEB)
6 6 3.210.90.75 14618 (AMAZON-AES)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
3 3 64.227.64.62 14061 (DIGITALOC...)
3 3 98.98.134.242 21859 (ZEN-ECN)
4 5 34.254.54.88 16509 (AMAZON-02)
5 5 50.31.142.223 23352 (SERVERCEN...)
1 162.19.138.83 16276 (OVH)
5 6 185.86.138.150 201081 (SMARTADSE...)
2 2 35.214.188.72 15169 (GOOGLE)
7 9 52.211.237.14 16509 (AMAZON-02)
14 34.247.233.198 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
3 3 54.165.29.149 14618 (AMAZON-AES)
1 1 54.156.137.107 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.153.160 2514 (INFOSPHER...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2.19.100.239 16625 (AKAMAI-AS)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 23 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 3.127.123.183 16509 (AMAZON-02)
2 2 185.64.190.79 62713 (AS-PUBMATIC)
1 1 82.145.213.8 39832 (NO-OPERA)
2 3 151.101.2.49 54113 (FASTLY)
1 72.251.245.179 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
1 198.47.127.20 3257 (GTT-BACKB...)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 52.19.215.209 16509 (AMAZON-02)
1 1 37.157.6.237 198622 (ADFORM)
1 1 2607:ae80:4::26 26558 (FREEWHEEL)
1 108.129.5.53 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 141.94.240.143 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.213 16276 (OVH)
587 123
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
14    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
8    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
36    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
5    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com
69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com
6    2600:1f18:24e6:b900:3468:1b3e:b397:53a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
24    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.vidverto.io
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    18.197.219.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    18.196.139.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-139-135.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
8    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
15    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
18    54.171.91.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    3.248.171.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
8    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
11    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
8    3.69.104.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.vidver.to
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:223c:6c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    222.230.178.129 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
js.genieessp.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
14    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    185.132.133.133 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-133.hosted-by-worldstream.net
cdn.vidverto.io
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
27    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
6    2404:6800:4003:c05::78 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
8    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
11    133.186.12.14 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p014.net133186012.broadline.ne.jp
ialaddin.genieesspv.jp
cs.gssprt.jp
2    2a02:26f0:c6::210:6568 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
13    2a02:26f0:ab00:2a3::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
23    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t2.teads.tv
t.teads.tv
5    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
29    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
11    2a05:d018:d29:3602:5079:1120:7dbf:7a0d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    52.30.78.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-43.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    3.125.27.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.50.131.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-73.deploy.static.akamaitechnologies.com
hb.yahoo.net
15    2.19.245.101 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com
sync.teads.tv
studio-t.teads.tv
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    95.101.200.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-166.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    18.184.223.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.247.45.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-45-174.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    54.76.38.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-38-94.eu-west-1.compute.amazonaws.com
sync.springserve.com
3    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
audiencedata.im-apps.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
17    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
genieeintl-d.openx.net
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    222.230.178.32 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
1    172.105.232.22 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1886-22.members.linode.com
g.c.appier.net
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    138.201.63.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
1    95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    52.222.169.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-84.cdg52.r.cloudfront.net
public.servenobid.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
3    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de
cdn.contentspread.net
9    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    18.200.168.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-168-98.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:2e00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
3    54.85.125.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-125-66.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    18.211.228.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-228-116.compute-1.amazonaws.com
ssp.disqus.com
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
6    3.210.90.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-90-75.compute-1.amazonaws.com
i.liadm.com
2    2600:1f18:ed:550a:b33d:6afb:b084:e380 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
3    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
5    34.254.54.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
5    50.31.142.223 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
6    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
sync.smartadserver.com
2    35.214.188.72 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 72.188.214.35.bc.googleusercontent.com
csync.loopme.me
9    52.211.237.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-237-14.eu-west-1.compute.amazonaws.com
a.audrte.com
14    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    54.165.29.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-29-149.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.156.137.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-137-107.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.153.160 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2.19.100.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-239.deploy.static.akamaitechnologies.com
c21lg-d.media.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
23    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.127.123.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-123-183.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
4    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
openx2-match.dotomi.com
2    52.19.215.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-215-209.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    108.129.5.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-5-53.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
62 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
sync.taboola.com — Cisco Umbrella Rank: 1322
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
am-wf.taboola.com — Cisco Umbrella Rank: 17326
925 KB
59 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
s8t.teads.tv — Cisco Umbrella Rank: 5510
t2.teads.tv — Cisco Umbrella Rank: 25995
t.teads.tv — Cisco Umbrella Rank: 2845
sync.teads.tv — Cisco Umbrella Rank: 1403
studio-t.teads.tv — Cisco Umbrella Rank: 7207
4 MB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
422 KB
47 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
117 KB
38 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
ads.pubmatic.com — Cisco Umbrella Rank: 534
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image8.pubmatic.com — Cisco Umbrella Rank: 662
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
49 KB
37 googlesyndication.com
16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com
411 KB
30 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
512 KB
22 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
genieeintl-d.openx.net — Cisco Umbrella Rank: 305998
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
22 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
r.casalemedia.com — Cisco Umbrella Rank: 1699
13 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
10 KB
17 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
8 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
305 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
25 KB
11 adform.net
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
6 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
7 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
sync.smartadserver.com — Cisco Umbrella Rank: 1330
5 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
3 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
6 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
8 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
5 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
6 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 17944
2 KB
6 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
851 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
4 KB
6 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900014.redintelligence.net — Cisco Umbrella Rank: 286354
10 KB
5 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
5 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
cs.media.net — Cisco Umbrella Rank: 1513
hbx.media.net — Cisco Umbrella Rank: 1337
c21lg-d.media.net — Cisco Umbrella Rank: 2513
12 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
4 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
497 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
255 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
916 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
3 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
12 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
313 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
668 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
496 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
910 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
459 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
930 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
411 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
840 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
174 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
510 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
347 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
736 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
830 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
921 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
522 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
764 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
77 KB
1 appier.net
g.c.appier.net — Cisco Umbrella Rank: 80997
390 B
1 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 59650
267 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
337 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
502 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
499 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
650 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
642 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
587 121
Domain Requested by
29 cm.g.doubleclick.net 15 redirects www.bg3.co
sync.teads.tv
googleads.g.doubleclick.net
adpushup-d.openx.net
ssbsync.smartadserver.com
g2.gumgum.com
24 pagead2.googlesyndication.com imasdk.googleapis.com
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
www.googletagservices.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
17 t2.teads.tv www.bg3.co
16 il-trc-events.taboola.com www.bg3.co
15 pixel.rubiconproject.com 12 redirects www.bg3.co
14 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
14 sync.teads.tv 5 redirects a.teads.tv
sync.teads.tv
14 match.adsrvr.org www.bg3.co
imprammp.taboola.com
sync.teads.tv
am-match.taboola.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
public.servenobid.com
14 images.taboola.com www.bg3.co
14 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
imprammp.taboola.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
14 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
13 simage2.pubmatic.com ads.pubmatic.com
13 s8t.teads.tv a.teads.tv
www.bg3.co
s8t.teads.tv
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
12 token.rubiconproject.com 6 redirects eus.rubiconproject.com
11 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 pr-bh.ybp.yahoo.com 6 redirects imprammp.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eu-u.openx.net
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
pagead2.googlesyndication.com
10 image2.pubmatic.com 1 redirects ads.pubmatic.com
10 us-u.openx.net 1 redirects adpushup-d.openx.net
eu-u.openx.net
9 a.audrte.com 7 redirects ssbsync.smartadserver.com
ads.pubmatic.com
9 e3.adpushup.com www.bg3.co
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 x.bidswitch.net 8 redirects
8 a.teads.tv cdn.adpushup.com
a.teads.tv
www.bg3.co
7 c1.adform.net 6 redirects ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
6 i.liadm.com 6 redirects
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 cs.gssprt.jp 4 redirects www.bg3.co
6 ups.analytics.yahoo.com 6 redirects
6 t.teads.tv www.bg3.co
6 csi.gstatic.com imasdk.googleapis.com
6 cdn.vidverto.io www.bg3.co
6 dis.criteo.com 6 redirects
6 ib.adnxs.com 2 redirects cdn.adpushup.com
www.bg3.co
acdn.adnxs.com
6 onetag-sys.com cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
6 http-intake.logs.datadoghq.com cdn.adpushup.com
6 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 b1sync.zemanta.com 5 redirects
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 secure.adnxs.com 5 redirects
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 ialaddin.genieesspv.jp www.bg3.co
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 rtb.openx.net 1 redirects cdn.adpushup.com
eu-u.openx.net
4 creativecdn.com 4 redirects
4 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
4 p.rfihub.com 4 redirects
4 sync.1rx.io 4 redirects
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
csync.smilewanted.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 hal900014.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900014.redintelligence.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 prebid.a-mo.net 1 redirects cdn.adpushup.com
www.bg3.co
4 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 match.adsby.bidtheatre.com 3 redirects
3 ad.turn.com 3 redirects
3 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 genieeintl-d.openx.net 1 redirects www.bg3.co
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
3 ad.doubleclick.net 1 redirects www.bg3.co
googleads.g.doubleclick.net
3 pixel.tapad.com 2 redirects www.bg3.co
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 secure-assets.rubiconproject.com 3 redirects
3 js.genieessp.com www.bg3.co
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 htlb.casalemedia.com cdn.adpushup.com
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 openx2-match.dotomi.com 2 redirects
2 ice.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image8.pubmatic.com 2 redirects
2 bh.contextweb.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 sync.smartadserver.com 2 redirects
2 dmp.adform.net 2 redirects
2 csync.loopme.me 2 redirects
2 i6.liadm.com ssum-sec.casalemedia.com
2 ssp.disqus.com 2 redirects
2 ap.lijit.com public.servenobid.com
csync.smilewanted.com
2 ce.lijit.com 2 redirects
2 eu-u.openx.net adpushup-d.openx.net
genieeintl-d.openx.net
2 cms.quantserve.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 sync.taboola.com am-match.taboola.com
2 sync.springserve.com sync.teads.tv
2 capi.connatix.com 1 redirects www.bg3.co
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 fonts.gstatic.com ad.vidverto.io
2 fonts.googleapis.com securepubads.g.doubleclick.net
cdn.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 am-wf.taboola.com vidstat.taboola.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com public.servenobid.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 tr.blismedia.com eu-u.openx.net
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 cm.adform.net 1 redirects
1 u.openx.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 id5-sync.com ssbsync.smartadserver.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 hbx.media.net 1 redirects
1 cs.admanmedia.com public.servenobid.com
1 sync.technoratimedia.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 cdn.contentspread.net hal900014.redintelligence.net
1 cs.media.net 1 redirects
1 eb2.3lift.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 hal9000.redintelligence.net googleads.g.doubleclick.net
1 g.c.appier.net 1 redirects
1 rt.gsspat.jp 1 redirects
1 studio-t.teads.tv www.bg3.co
1 vidstatb.taboola.com www.bg3.co
1 audiencedata.im-apps.net dmp.im-apps.net
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 idsync.rlcdn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 hb.yahoo.net www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adx3.adform.net imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 prg.smartadserver.com ad.vidverto.io
1 inv-nets.admixer.net ad.vidverto.io
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 cs.chocolateplatform.com Failed googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
587 205
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-16 -
2024-11-26		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 111 frames:

Primary Page: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Frame ID: 3DC614E5F2091BCD7C6DF0D2D654CA8D
Requests: 196 HTTP requests in this frame

Frame: https://16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C31925E12B96DF41B2B8EB7BD6B38FE9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS0XV9mZ-3zdhLmBmeqqnPL_bjisvBBneFWMdaJkwvBTL-Ewb5PwJKDRW5aGzlhKjt7lWZyelyF0Xct8CP4CdGI0Hn6XEDzWJC-7mnfXRkGzlzOKoxdiN89boHO7WR20MCglwOdjxsdW05XG5BP4cxGnpHqWl6vpYkcXRoWU0JNKDlQxaVbKIC3wqjqtjws6RXN6EK52_6HVqmhLW7DCbUfSlENIxjNoO3gDhtZa2OWGsmTE5Xil1grcQzUrUrIjYHrQfBkWyZAncyqFO85ZlvQZ4u8Z9Yfjp8MilDGpRcHSdS7DU24IIsWV_BTg7Xp4QlbA&sai=AMfl-YTHoHpAiABx7LTPNbUO1F0tzKrXj-KHupw9qvrNLPRpwirNpevjWwhtKZwX1rOot8M35goRfGL-NHq9KZXbcMOg6vDsKSVW0CB0BrMJbXk0F9OQ-s6Pv8Jg3OVPM0FZndLqxD8BZybNblRMUEQXfI8&sig=Cg0ArKJSzEHvlKiYsQWkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B93C2B746E878B91FBF9F00DF77B1E64
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: FD407B42D5B8A2D4774042C35E00AEF2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 3E8AD69C8D9B452988FF5BEEFC2919DB
Requests: 2 HTTP requests in this frame

Frame: https://js.genieessp.com/t/551/001/a1551001.js
Frame ID: 0485643BF6587D8383EB58DC41FC85C7
Requests: 16 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F2DC8D688A4B80FD1434E3D6ADAEC7C0
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 3838A9F0AF44A3C52F97F801ABBB6AA0
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 6BEC049C44AC969664A55EE003D11295
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51FDA923EF7EAA79E66FAFF83301EE32
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJ22MZpMwY3Vq5YQ3cujcy2xPNWjxWCCoh6V55OkZ_mdf7WyGxi6mzewQtE3qoU0p7UqUTcOU2AkrH8rNJ4U1rvVKa4FxZE4bPb_SkozZaPlhali_aHzmJq7o7MVtrTFoaMf_2tNpNNGRfwkwSLuieF2q2ArWIevRzVU9KQAR9SBVhC0AtDuiGDmC58QlCwhMDEHYnB65Xf2kdo29Az5LCeL_LMZALEIG4-RVjjH3FSHxKDLk9_JnE5rcF2uH9XbHkINlTk7DgTyr-Qv4reh4RQh5FlyqSxCi4RGQeeqqpsYie67qXMLh4-inHnXRyJ-5uMR_u2tc-ZjKU1VYtmI1VAx9E-Ey8&sai=AMfl-YSB3YwRWy7w37-ZWGpqwOHeT9k9wyK_iZdcqUt5IUPlGyl6vwjg7NsVItbhSWdxqviJIAPxjh_uflVmkIBvmCfUUQRMOHOpI534CR-hrHEAmfE1fd7yE7Zi64SXpQ&sig=Cg0ArKJSzNPJP9DQqWGEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 36E34D528455C5D2E114AC94004E4CFB
Requests: 23 HTTP requests in this frame

Frame: https://a.teads.tv/hb/ad/2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15
Frame ID: 9B692E3E8BFBA141E5F0DC182C2B7199
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 743C813F13903D51BD257D404B5665B7
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: AF1BBA20D90876C1AC88676BB1836F1E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 13A3EB5FC7A78584EACBC3EC5E5A1B7B
Requests: 1 HTTP requests in this frame

Frame: https://69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3F18C6F56BD60E9C48AFC3F9C91E5F8C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=undefined&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=faf6ae47-1080-4131-b7bb-f2a07214b3e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B353DEF5F14C6E2B991BAE6AA125563A
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: DB18B52027AF47BFF6BB67B2BCECBA90
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Frame ID: E41AAE39082FA2ECD384F82573D45432
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: B7100BE85D47FFAAB9EBF41EDFD81EF9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7C6090C17922D36D4B46464916DB1F87
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Frame ID: D764435EB7F3AA350F9F29BAD4F4A5C5
Requests: 7 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-3e442a30-6032-11ee-be32-437230130e01/performance-image-dco-b6088ce9-c884-49d8-a1f8-e88c9fce3992.jpg
Frame ID: 74A7C27DE1250E7142710054AC4E94A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67355C2196EBD72A14AA20AD49CC3D9A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0458FA73D6DCEFBA8491BBC4D5C0438
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Frame ID: 0C5F448EE6A25230A0999C3BD1315638
Requests: 17 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9F58199B419D363F090226B31FF61B69
Requests: 2 HTTP requests in this frame

Frame: https://s8t.teads.tv/vpaid-builder/performance-single-video?1286
Frame ID: 70E227AE56FE61E6E2CB7D5C12BA7FF4
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F047FB0A941C1C7D9C14C21D9210E215
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: A0AA6F4E3D8E6364826BBE6612E68821
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3FD15BC77CAC9F56AFE594D96FBFC48E
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 742161C27605D303D7C6A6D9464F1394
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8552F86842B7DB96C703283175DA0CBA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX1qVnirgspmjqDNsQIcG7ZW8staNVFNiIN6LbpKrWQJu2FBon1QpahL2Fv1cMNZdxir-hmDfEddKao7x31XJEgPM-fCQ
Frame ID: E77E854A6864BBD75F4A8D65C35AB813
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 535535A6EB55C44E1BA816D27341AB52
Requests: 3 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=16595000168376004438458012514014&a=6079f4fd
Frame ID: FF1F11BE9D9B742AE7CB9AAA4448603F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 310A30625061D8EE074E1F09FD26B041
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 659C028A23A91762BD8B3EF875B415AC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8CAD749C72982889483DE78A01369398
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 71DBAF38B10ADFECEEB1D68019EBF996
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3BD81E2EBBFACD3437494AA36E98C777
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: A55FD6915C6A5A531B190783A4DF28B8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700502922841
Frame ID: 08CF9DB0E7B2FA6E327B9F5C0DC0A588
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 345E7896450D4CD82C34B7065B11F3E3
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 947D4256ECFAEEB0EE85587FA2EDDEAE
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 4D2E0413A26FCD4DC667BD32DE4E850E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D72B96157E742AE480EE60EA264D2645
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B0E3411E3AC9B22927A1922E8A15F81B
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 3F0AA671E9A33B035598E20B60276DF8
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 894D0F1BB1EE225A2E39FBC1AFFA136B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 537423E0382E49AFAACF2C38D7D71195
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E54B8F8758F3BDD464E639A06AED8966
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 13FD16D261528CEE0022536A991CC35C
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 53E03EBF2BD1626384A6F52ACF66F329
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: E6A4EB305D4AC8B93E68F037F66ED0DF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: A8FC79CF057301D2B8821FD737324532
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 3AFFC5132C7598EFAE277502EB9E3163
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700502923120
Frame ID: 0183327F5DEABC3C03C87252CC3FAAF6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 35A53005160A4DA54E0E21DA4A4425FB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/4304418943288873880
Frame ID: 956650F7E83DC3CBDE324E9A9B3C888F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7556108170959009897
Frame ID: DCBD4014F0B160E00425BDE9BA56DCB5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=8486070677431234590&gdpr=0&gdpr_consent=
Frame ID: 4085939DCCB90CAD388CE2A76AC132F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMmY1MDVkMS1hYTEyLTQxMjUtYWYyYS0zMjUxM2E1YmQzYzk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CCA0948888DDB26FE2B9C376F84F2B20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 239393A57808B70ED1CD542B81A0C48D
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 48CF77D8AC8E323F0E4871962A7C97FD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVudj8Co8YsAAKnMWpkAAAAA
Frame ID: 6EEBB5B0335504D862793C3181713BE6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=gumgum&tc=1
Frame ID: 46632BB095BF089D8F331A8A6001D286
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B983F3AB6A9C15212F1C264BBF8FD541
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP77J8SG-1V-AUHK?gdpr=0
Frame ID: 033DD1F40A2BB6635F436B7BBC7D7C41
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 8AFC00E58ACB4E3577338658ADA04311
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8DB464D2C8F7195CDA30330201965C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BD2118AC34EA2153CCAF26237932A25
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c49f655b-9d8e-4800-a653-2936d3d2309f&gdpr=0&gdpr_consent=
Frame ID: A333D3F89C1DFAC833C09B8C2A70EB69
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 76B19832345D111EFC327E12AA8BEE2F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&redir=true&gdpr=0&gdpr_consent=
Frame ID: 822D40E8C95703C1D4703069FC54AE35
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
Frame ID: 6E79DDB4E3EB67F2DB8020637B01E0DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7556108170959009897&gdpr=0&gdpr_consent=
Frame ID: 682BEE23192247D6FD5E1D4B50DC1189
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303604453951010958&gdpr=0&gdpr_consent=
Frame ID: 4B60B71F8479BF69A2AE8760564F4D85
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=A4MJJV-9U7VmTq57n7gyaS0M3qo&gdpr=0&gdpr_consent=
Frame ID: A5938EBD7194FB49BDFEBCF5DAD5B393
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: CEBE793ACF6E306BBC5B01C7544357B3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: 7470C50C4C92E815599CEA6608FFD994
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU991f4db496004d1198f04dae1ab2189e
Frame ID: 7377BA42E1E41FCA6BE79E2215704315
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: E0A4EE249CEDCB2C8884E32607AF663F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVudjgAAAXy3YwBH
Frame ID: 736BC576D261FCE605850F142BEEAE68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 80BEBAB344F2F618A5CF61EE4B409FBB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 87E64287CF851DCCBF145F4431C250DB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 024219EF2C736DEC23F852EAA3ABAD38
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5492443256410026847
Frame ID: 02B049DF3B8C2BB32698F10B9847DDBD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831091986616
Frame ID: 8DFB054965DCEF9AAA8045B7B3372366
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0003F8796AF98D9B963B66DE81C9A44E
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: E9CA7118A6896E7B2C909E7664EDD265
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: A16FE6E1BB89B84C982A423F7D29DB13
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
Frame ID: 2B83863C2F780111179B3CB3478F5E6C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/d14fd088-1731-0771-3ebe-42d6d3cd6b24
Frame ID: 0086DFCD5214BBA70FD6902911F96D63
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: DB2C380E5D4FE5AA16238572FE7D1843
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/8486070677431234590
Frame ID: 7CF950806D28A379D83B6F5B55FEFDD4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 2F3786C8785EC1147DD209005144F995
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg?pi=smilewanted
Frame ID: 9CB83F376E0F77F171A6B9C227CADCBA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Frame ID: A09D9CB7728F3021AFAB42FB8CB43C40
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
Frame ID: 63A295A7F51DF85FD0A5DEC94AC07B1C
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: B427C92CDE24DC7CD1216F54DEC3BF41
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 042259A7E659BF52EED058FA0FAD8E55
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhgTUQjMhgXhjTbXh&gdpr=0&gdpr_consent=
Frame ID: C493FC02B866A8CE136058E46CD26C78
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EEF99A40D619268A98E5CBF495334D68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8&gdpr=0&gdpr_consent=
Frame ID: 7F513B5BAA3A2B3FC442587998F8498E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5010962321
Frame ID: 78F599A3EAF17AA4D0A22A1AED8F81DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: 6E9F9D64247D64BB6E06426E019D068A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: D9D37589EFD6188FC8431B0D3D0B60B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: C22AB553CF73AB8912C863C75633BBC7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: FF0F9D9445708C8B37CA76A1EAE9D0A0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Frame ID: 3AAC775DC558DE49E2375B424900E9DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

濫權訴追竟無被害人 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

587
Requests

76 %
HTTPS

24 %
IPv6

121
Domains

205
Subdomains

123
IPs

15
Countries

8404 kB
Transfer

22270 kB
Size

210
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 99
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=4d7b4bec-080d-46ae-b75a-1b18da32d324&p_id=23
Request Chain 100
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=30c62474-6efb-4d74-9543-7ea0e83e191c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=30c62474-6efb-4d74-9543-7ea0e83e191c&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-lZkXBrCcLgzWs1YIa4IpN1a46o1sokItS_YD-Q&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=e05e85ff-7eb9-427b-9938-7e0525b78b11&p_id=15
Request Chain 117
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP77J8SG-1V-AUHK HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP77J8SG-1V-AUHK HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 225
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H-KiU7pbQ9aGqk2EURqvdQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H-KiU7pbQ9aGqk2EURqvdQ
Request Chain 227
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA3N0o4U0ctMVYtQVVISw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqVdUkurxEM5ea8DUwDgOQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDGviqcW8mSDBK3gSX-aA4Y&google_cver=1
Request Chain 229
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP77J8SG-1V-AUHK&ex=d-rubiconproject.com&status=ok
Request Chain 230
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP77J8SG-1V-AUHK
Request Chain 231
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Zlgab7NQONIAjJKjvrOEtsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aGXvt9tE2oI1dxi1ytf1wePYenD9jgDWvfm0Ig--~A
Request Chain 232
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliNDY1MDg5NzNjYTA1YWMwNjQ5NWU5MTRlMDU1Y2QxYmZmYjdmZg
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3yYiQ_VuRxehAVE_JYyJIw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3yYiQ_VuRxehAVE_JYyJIw
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADxMk7KtzsAABQONn-9lA&expires=30
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP77J8SG-1V-AUHK
Request Chain 237
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP77J8SG-1V-AUHK
Request Chain 238
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK
Request Chain 239
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP77J8SG-1V-AUHK&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP77J8SG-1V-AUHK&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Kd0VNZWRwRTJ1RVd5bl9FSGREZjNBWmttU3RUMkJzbX5B&ovsid=LP77J8SG-1V-AUHK&dpid=58160
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP77J8SG-1V-AUHK
Request Chain 264
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1700502924416 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
Request Chain 266
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1700502924416 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0&gdpr_consent=
Request Chain 267
  • https://pr-bh.ybp.yahoo.com/sync/teads/c0f93223-cbb5-4583-97be-40ac58427f7e?gdpr=0&gdpr_consent=&_t=1700502924416 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-zCW7pS5E2oQBOBN2xfiSGlNcVBklRxx8brE-~A
Request Chain 273
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1700502924416 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
Request Chain 274
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1700502924416 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 283
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CJqDi4aT04IDFQW7ewodjiICfA;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 292
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700502924501 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0
Request Chain 293
  • https://pr-bh.ybp.yahoo.com/sync/teads/c0f93223-cbb5-4583-97be-40ac58427f7e?gdpr=0&_t=1700502924501 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-phvMvChE2oTt9LudjPX.D2X9e47CcozqLh0-~A
Request Chain 294
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D19%26uid%3D%24UID&gdpr=0&_t=1700502924501 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.teads.tv%252Fum%253Ffp%253D1%2526eid%253D19%2526uid%253D%2524UID%26gdpr%3D0%26_t%3D1700502924501 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=19&uid=7556108170959009897&gdpr=0&_t=1700502924501
Request Chain 295
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1700502924501 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
Request Chain 296
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700502924501 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/taboola/f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
Request Chain 322
  • https://pr-bh.ybp.yahoo.com/sync/taboola/f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
Request Chain 341
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=ef5a6cb8f6f6993411e2f080255de18d
Request Chain 342
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAyBFaRei72BmYKxO-gTZdVaJTrqZ7boBHAwRstMXbAxIA5StOEdDK6zXk4uJJZZfcQ&format=gif
Request Chain 343
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5p4VRfLTDksQfKhV6VBZeWWgvxDTYGW88g7Vqn7IBBFgBfuqsmaE_NK_nQe50reeg&format=gif
Request Chain 344
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=h0w6yiNGBI6SGBXcjp1bZQ
Request Chain 358
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1 HTTP 302
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1
Request Chain 361
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVudjV.RVDLcnq5IycOZiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1&google_hm=2
Request Chain 373
  • https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9987880087328&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9987880087328&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 393
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELpKdiXNbqMTAwJsjO6WDSw&google_cver=1&google_push=AXcoOmQTooCzuhIi34tRIrxoTA50kMiEXzAwYYqG6-BuKYpFPqJGGX-zvD1YPebj4GqTbMSDwbYatHk8L3deFcIAwIY9B5MZERQmICoOpob3nSb1SgXhzk9sIcSO55uu-FComVg36bQ5kH_2tbg_0DsVxr1n HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELpKdiXNbqMTAwJsjO6WDSw&google_cver=1&google_push=AXcoOmQTooCzuhIi34tRIrxoTA50kMiEXzAwYYqG6-BuKYpFPqJGGX-zvD1YPebj4GqTbMSDwbYatHk8L3deFcIAwIY9B5MZERQmICoOpob3nSb1SgXhzk9sIcSO55uu-FComVg36bQ5kH_2tbg_0DsVxr1n&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQTooCzuhIi34tRIrxoTA50kMiEXzAwYYqG6-BuKYpFPqJGGX-zvD1YPebj4GqTbMSDwbYatHk8L3deFcIAwIY9B5MZERQmICoOpob3nSb1SgXhzk9sIcSO55uu-FComVg36bQ5kH_2tbg_0DsVxr1n
Request Chain 394
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqVdUkurxEM5ea8DUwDgOQ&google_cver=1&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72EhpNOE7bZjXCSlgL5Qt_Ss7_vZDFh8Jkvv7RnrlIjaZvmVMRPWZ3S6H2aEjXANTNWko8RBz56IwDBsO5VVj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72EhpNOE7bZjXCSlgL5Qt_Ss7_vZDFh8Jkvv7RnrlIjaZvmVMRPWZ3S6H2aEjXANTNWko8RBz56IwDBsO5VVj
Request Chain 395
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1&google_push=AXcoOmRmm74wnmpQqoqDAosryxG3QrNKEBLdRyTt1yh-V0RR125i1n2IYZJGExsnL9clmsLJZ_BOl2VatKumcytLYyW6Wuskse8KXnn271rg2xHvPPXnEcoTsOhm-x-nSjnoTWZNnbdAhWudqAYhc6q3NVgH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&google_nid=index&google_push=AXcoOmRmm74wnmpQqoqDAosryxG3QrNKEBLdRyTt1yh-V0RR125i1n2IYZJGExsnL9clmsLJZ_BOl2VatKumcytLYyW6Wuskse8KXnn271rg2xHvPPXnEcoTsOhm-x-nSjnoTWZNnbdAhWudqAYhc6q3NVgH
Request Chain 396
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1mVRItlMrYuFUge4XZ9xLHrcMX5poeDCSp70DD3YVHsbgHXC1XJktAxgQ9jvurF5C5i1NXh10X1%26google_hm%3D%5BUID%5D&google_gid=CAESEKZ5xtGjK0agVhNSdPk3JUk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1mVRItlMrYuFUge4XZ9xLHrcMX5poeDCSp70DD3YVHsbgHXC1XJktAxgQ9jvurF5C5i1NXh10X1&google_hm=a3755448-e6af-471d-b6cf-ab36a788ad65
Request Chain 397
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGl2QMS-ztWR6k69QrPN8s0&google_cver=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaUhyPmRNwdUcP-STsBxdpqOJS8U9yUqdVygcFjCr9pO0v2GesnylIC98FRriUfPmkcRe5LVPf1OutGHhivLUq4t_nKYOBWI90-O86drqgWzJeWJy8tzLHqEshUHmxR5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&mn_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaUhyPmRNwdUcP-STsBxdpqOJS8U9yUqdVygcFjCr9pO0v2GesnylIC98FRriUfPmkcRe5LVPf1OutGHhivLUq4t_nKYOBWI90-O86drqgWzJeWJy8tzLHqEshUHmxR5&gdpr=&gdpr_consent=
Request Chain 399
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEcKgw3diVwNNEWTdG_jnGw&google_cver=1&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi_-I4MM1ad1DkhhLjxAUYdEsV6DR9aYy5i-5Ysv7d1iDG0SPIB1yCGopBhzrLasRX4PraxxJT8RFoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi_-I4MM1ad1DkhhLjxAUYdEsV6DR9aYy5i-5Ysv7d1iDG0SPIB1yCGopBhzrLasRX4PraxxJT8RFoQ&google_hm=NDMwNDQxODk0MzI4ODg3Mzg4MA%3D%3D
Request Chain 405
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tF8CsrsOD7KvWlaxtw4a6LoLD-GvCA_it1mJVlGR
Request Chain 406
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8394888110786465475
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB2nWZQEki_uZTknXTfBPiw&google_cver=1
Request Chain 418
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 423
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7556108170959009897
Request Chain 424
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HsGTsRZH2hLJHmrASH6WgUUw
Request Chain 426
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700502926562 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5268762104 HTTP 302
  • https://sync.1rx.io/usersync/turn/2736676649113416841?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
Request Chain 427
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528908106811
Request Chain 428
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=4bdc22aa-a15c-4535-b338-bb9abfaaf84b
Request Chain 429
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
Request Chain 431
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUyAiIYOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUyAiIYOAE= HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUyAiIYOAI=&gdpr=&gdpr_consent=
Request Chain 432
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
Request Chain 434
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1
Request Chain 437
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=890217f6ad1141378faccf263304fa57 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Request Chain 439
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZVudjV.RVDLcnq5IycOZiAAA%261155 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=21088bb5-4ece-42ca-9b18-fd262a6fde54
Request Chain 440
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2736676649113416841
Request Chain 441
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8486070677431234590&expiration=1701712526
Request Chain 442
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
Request Chain 446
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=cba410787849492b8bc2acda91eb998e HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Request Chain 448
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7556108170959009897
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
Request Chain 451
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831091986616
Request Chain 452
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 453
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZVudjV.RVDLcnq5IycOZiAAA%261155 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=c5d70d9a-daba-4f1a-8c27-d6dba23af512
Request Chain 458
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTg4MTU4MzE2NTQ3NzM2MDQ1Ng==&gdpr=0&gdpr_consent=
Request Chain 459
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=de23d351-6c13-4ca4-8c6f-70b306f98092&gdpr_consent=null&gdpr=0
Request Chain 460
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWQ1S3NvNGRoLTlSZGVsajJEZU1WSkhYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkNUtzbzRkaC05UmRlbGoyRGVNVkpIWEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkNUtzbzRkaC05UmRlbGoyRGVNVkpIWEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkNUtzbzRkaC05UmRlbGoyRGVNVkpIWEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8486070677431234590&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkNUtzbzRkaC05UmRlbGoyRGVNVkpIWEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=ed5Kso4dh-9Rdelj2DeMVJHXA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=4304418943288873880&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 463
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/4304418943288873880
Request Chain 466
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7556108170959009897
Request Chain 467
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7556108170959009897
Request Chain 468
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=a34ad13c-40c3-4dad-9df6-e0b0a9537f97&ssp=gumgum2&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=8338b66e-0f41-01b9-1fb0-95d76521c210
Request Chain 470
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-03830925-5fbd-53b5-664e-ae7b9fb83269$ip$45.12.222.170
Request Chain 471
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q.EtW.ZE2pe025yrhYPS6e3HlravZyqsFDWq~A
Request Chain 472
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6f9fb69c-cc3c-4eb1-af48-4df4f3202324
Request Chain 474
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=0G-e-Z_GRiozPO66r74s&gdpr=0&us_privacy=1---
Request Chain 475
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=T7JJaSR3mFqu&ev=1&pid=558355
Request Chain 476
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4304418943288873880
Request Chain 480
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=8486070677431234590&gdpr=0&gdpr_consent=
Request Chain 484
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVudj8Co8YsAAKnMWpkAAAAA
Request Chain 485
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=gumgum&tc=1
Request Chain 486
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 487
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP77J8SG-1V-AUHK?gdpr=0
Request Chain 489
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP77J8SG-1V-AUHK HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP77J8SG-1V-AUHK
Request Chain 494
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c49f655b-9d8e-4800-a653-2936d3d2309f&gdpr=0&gdpr_consent=
Request Chain 495
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 497
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
Request Chain 498
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7556108170959009897&gdpr=0&gdpr_consent=
Request Chain 499
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303604453951010958&gdpr=0&gdpr_consent=
Request Chain 500
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=A4MJJV-9U7VmTq57n7gyaS0M3qo&gdpr=0&gdpr_consent=
Request Chain 501
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ef5d5f7d-0abe-48db-b904-0b4350188783&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 502
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeE1rN0t0enNBQUJRT05uLTlsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADxMk7KtzsAABQONn-9lA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4304418943288873880&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADxMk7KtzsAABQONn-9lA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4304418943288873880%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4304418943288873880&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADxMk7KtzsAABQONn-9lA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADxMk7KtzsAABQONn-9lA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Request Chain 503
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU991f4db496004d1198f04dae1ab2189e
Request Chain 504
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 505
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVudjgAAAXy3YwBH
Request Chain 506
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 509
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5492443256410026847
Request Chain 510
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831091986616
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 515
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=&ct=y
Request Chain 516
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=321412512
Request Chain 517
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWQ1S3NvNGRoLTlSZGVsajJEZU1WSkhYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8486070677431234590&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 518
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEVFRTlGMzMtNzNERi00ODBBLTk2MDgtRDNGQUZDNTBCMzlC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 519
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA9SCScFkKwmReRalVxHNtM&google_cver=1
Request Chain 520
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8
Request Chain 522
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8486070677431234590
Request Chain 523
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZL998spE2uWvML9cESqeeqA0qDRYPZk-~A&gdpr=0
Request Chain 525
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
Request Chain 526
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d8fd440e6f51680&is_secure=true&networkId=17100&version=1&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx6LN5eNwMDiSC0AAAAAAA&expiration=1700589327&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 527
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2736676649113416841&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 528
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c5d70d9a-daba-4f1a-8c27-d6dba23af512&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 529
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
Request Chain 531
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/d14fd088-1731-0771-3ebe-42d6d3cd6b24
Request Chain 533
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8486070677431234590
Request Chain 535
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=c6d8935b5dc6c4566981db2abad11&gdpr_consent=&gdpr=0
Request Chain 536
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Request Chain 538
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 539
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg?pi=smilewanted
Request Chain 542
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP77J8SG-1V-AUHK HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP77J8SG-1V-AUHK
Request Chain 552
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831091986616
Request Chain 553
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVudjgAAAXy3YwBH
Request Chain 555
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AADxMk7KtzsAABQONn-9lA&id=537125688
Request Chain 556
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=78699dcae0ac18e8&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIKWB9T6e1iwMIzYyNAAAAAAA&expiration=1700589327&nuid={OX_USER_ID}&is_secure=true
Request Chain 557
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=A4MJJV-9U7VmTq57n7gyaS0M3qo
Request Chain 558
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=q1OYIo7SgMGev8mNfmj57A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 560
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 561
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=openx&gdpr=0
Request Chain 574
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 575
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ba76dcfba2bc712b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhgTUQjMhgXhjTbXh%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=dfd943413036012a42a6214e39ed5eaa&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhgTUQjMhgXhjTbXh%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhgTUQjMhgXhjTbXh&gdpr=0&gdpr_consent=
Request Chain 577
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8&gdpr=0&gdpr_consent=
Request Chain 578
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5010962321
Request Chain 581
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 582
  • https://pixel.onaudience.com/?partner=214&mapped=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

587 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lan-quan-su-zhui-jing-wu-bei-hai-ren.html
www.bg3.co/a/ 		57 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d6709892abf725d0c0afe99541b81af7b7a5da9c7e8d316f4adda232b2f90bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:21 GMT
etag
"e5aa-wgOD4UwPueswUOsxlGGyPo6SuFk"
expires
Mon, 20 Nov 2023 17:56:21 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Nov 2023 17:55:22 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Nov 2023 17:55:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bceeddf482d81d5d39b556f3916d9aa9b3d977bfd76a5e40bee84d0f9c793bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31446
x-xss-protection
0
server
cafe
etag
39 / 19681 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:22 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
591f9da9e69f2c310c1bfe78be2d8dc10fef75424694bb07adf1875a44b99171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 17:55:22 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 12:16:54 GMT
server
cloudflare
age
38355
etag
W/"655759b6-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8292903e987265a2-FRA
expires
Mon, 20 Nov 2023 19:16:07 GMT
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
age
10699
x-cache
HIT
x-client-device
desktop
content-length
11412
x-ap-device
DESKTOP
last-modified
Mon, 20 Nov 2023 07:59:29 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 20 Nov 2023 18:55:22 GMT
adpushup.js
cdn.adpushup.com/42753/ 		758 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
589e150142e83e2f29f2e50f019196f98e4546abdc0e94a6a15e0461dd2d8bdf

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
age
10699
x-cache
HIT
x-client-device
desktop
content-length
159692
x-ap-device
DESKTOP
last-modified
Mon, 20 Nov 2023 12:48:33 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 20 Nov 2023 18:55:22 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0cc7bb53b6366a551e3994bdf3bc2787eb443193cd95841f12d957fbd58a5ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AJsd5OYUtUWN3yw7YAc0R0RQmmU5Y3O.
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:22 GMT
x-amz-request-id
GZCA7M244VWVFG5P
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
13
x-amz-replication-status
FAILED
content-length
57006
x-amz-id-2
bqe4CzGFnikEOhKLTereUSblEE4loY823OIIPuNtYPRvwjNLf21lFo/q0NQah9+yx+rouvwzMm8=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 17:55:22 UTC
server
nginx
x-timer
S1700502922.161255,VS0,VE33
etag
"47474f26f2a69bd92f0e3525b76582d5929c5866"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
32
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3498
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlrZS1QAGzevuVi9oN1ZPMHM7EEhf11W1QxtXkM%2Bw%2BQsSlc27atW%2BJZOQJson5lHN6nlwk7lpmOYqqzz8e341%2BJOfzBenvyr%2BbWsCccAImSrpG5FEhUp%2B%2BGqjb1R6aQkUHUIPlRMoN215H7bjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82929042793a3a76-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=DDA8030365884F990108D26CC10A025A&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&t=%E6%BF%AB%E6%AC%8A%E8%A8%B4%E8%BF%BD%E7%AB%9F%E7%84%A1%E8%A2%AB%E5%AE%B3%E4%BA%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1873&sc_rum_e_e=1878&sc_rum_f_s=0&sc_rum_f_e=1870&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8292903ef8e965a2-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
25ab013cc209caf846a057d055993da6.jpg
static.bg3.co/imgs/202105/ 		0
0
0362872bf1f09a34ec3bf0c6e6b876e1.jpg
static.bg3.co/imgs/202105/ 		0
0
228d7b576326ee3f6d73f3d57350f942.jpg
static.bg3.co/imgs/202309/ 		0
0
a3bee0792a70f187e049b8c86d2a8742.jpg
static.bg3.co/imgs/202105/ 		0
0
85eda784e59507da4a13ed75e98a44b8.jpg
static.bg3.co/imgs/202105/ 		0
0
e501a6e91757a4f235143441cd9d10db.jpg
static.bg3.co/imgs/202309/ 		0
0
6bf5ad652007bd29027e25d245fb5121.jpg
static.bg3.co/imgs/202106/ 		0
0
e321bbdf3eb782802f56fb714a5b8a2d.jpg
static.bg3.co/imgs/202105/ 		0
0
fb1b883a5ccc78e3867c489b5b0a73b4.jpg
static.bg3.co/imgs/202106/ 		0
0
8618fec15820ef2d8116a66a1501306c.jpg
static.bg3.co/imgs/202105/ 		0
0
c454f9fd145ccb8483807508df6cb111.jpg
static.bg3.co/imgs/202106/ 		0
0
b4f53ecef0c48ed360f94000b96f3f3c.jpg
static.bg3.co/imgs/202106/ 		0
0
7b0ceb7843f8fd8457fe51866ce294af.jpg
static.bg3.co/imgs/202106/ 		0
0
4120a2b5f6ee313cb7d5a75b32e401e6.jpg
static.bg3.co/imgs/202309/ 		0
0
4a532341115027cf5d70b53edc9bb8ac.jpg
static.bg3.co/imgs/202105/ 		0
0
051214e0ed6f4e9bcb1cb206d62fb23c.jpg
static.bg3.co/imgs/202309/ 		0
0
19133474208ae957124467ab31d87274.jpg
static.bg3.co/imgs/202106/ 		0
0
267882ed1ec73d9f83e9b3495a64a631.jpg
static.bg3.co/imgs/202106/ 		0
0
a17a0fe8b3d356f8f0d385c771b67b9b.jpg
static.bg3.co/imgs/202310/ 		0
0
6f4f14fbc54fbe36193c56e5801ce169.jpg
static.bg3.co/imgs/202106/ 		0
0
dce482ca02ea5e525a6b031513458287.jpg
static.bg3.co/imgs/202105/ 		0
0
dc8b12cf3f577f406872d76ea73f2a56.jpg
static.bg3.co/imgs/202105/ 		0
0
f070e9b01ef90c35da1dc0318e3d40bb.jpg
static.bg3.co/imgs/202309/ 		0
0
22c7a3d7bfc264b3ec10e191db5f288e.jpg
static.bg3.co/imgs/202310/ 		0
0
2365b7a8def725548b7bd239fdad6618.jpg
static.bg3.co/imgs/202107/ 		0
0
1852d8399f79b11a054cc204c95aef9f.jpg
static.bg3.co/imgs/202105/ 		0
0
035d34ab641e15175295c77d96d7a7ed.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 19:10:15 GMT
age
254707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 19:10:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 09:04:44 GMT
age
204638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 09:04:44 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700502921949&gcd=11l1l1l1l1&dma=0&cid=1495016026.1700502922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700502922&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=%E6%BF%AB%E6%AC%8A%E8%A8%B4%E8%BF%BD%E7%AB%9F%E7%84%A1%E8%A2%AB%E5%AE%B3%E4%BA%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1999
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5700717
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700502922.252341,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 43524
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
23776
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 19 Nov 2024 11:19:06 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5264822
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700502922.252329,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 2170080
Q0hfREVTS1RPUA==.json
cdn.adpushup.com/fpe/42753/MAN_Data/ 		555 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 18:55:22 GMT
date
Mon, 20 Nov 2023 17:54:17 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
x-client-device
desktop
x-client-geo
CH
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1353658931458646&correlator=4102019795928315&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700502922292&lmt=1700502922&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1495016026.1700502922&ga_sid=1700502922&ga_hid=1403173055&ga_fc=true&dlt=1700502921923&idt=342&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ecb227998be6760d36fa8fa1dc6bf0bb7496e58a1f1fe4c8b721386b85c5a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12885
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C319 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:22 GMT
expires
Tue, 19 Nov 2024 17:55:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
age
1494700
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (ama/489A)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 17:55:22 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
age
8765744
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 17:55:22 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
age
5797459
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 17:55:22 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA1MDI5MjIzODEsInBhY2tldElkIjoiMDAwMEE3MDEtOTk0OWEzYTAtYjJkMC00NzE0LTk1MDctMTg0NjNhYjYzODEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=2204.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700502922488
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 19 Nov 2024 17:55:22 GMT
date
Mon, 20 Nov 2023 17:55:22 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
8232598
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
view
securepubads.g.doubleclick.net/pcs/ Frame B93C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS0XV9mZ-3zdhLmBmeqqnPL_bjisvBBneFWMdaJkwvBTL-Ewb5PwJKDRW5aGzlhKjt7lWZyelyF0Xct8CP4CdGI0Hn6XEDzWJC-7mnfXRkGzlzOKoxdiN89boHO7WR20MCglwOdjxsdW05XG5BP4cxGnpHqWl6vpYkcXRoWU0JNKDlQxaVbKIC3wqjqtjws6RXN6EK52_6HVqmhLW7DCbUfSlENIxjNoO3gDhtZa2OWGsmTE5Xil1grcQzUrUrIjYHrQfBkWyZAncyqFO85ZlvQZ4u8Z9Yfjp8MilDGpRcHSdS7DU24IIsWV_BTg7Xp4QlbA&sai=AMfl-YTHoHpAiABx7LTPNbUO1F0tzKrXj-KHupw9qvrNLPRpwirNpevjWwhtKZwX1rOot8M35goRfGL-NHq9KZXbcMOg6vDsKSVW0CB0BrMJbXk0F9OQ-s6Pv8Jg3OVPM0FZndLqxD8BZybNblRMUEQXfI8&sig=Cg0ArKJSzEHvlKiYsQWkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Nov 2023 17:55:22 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B93C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:22 GMT
impl.20231120-17-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4fc32e6fc403d791b614e173174cf80dfabf2c4a9fd3e4f8c58134c19a1248e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wN9atD7Kl1ivG9gEZ1nbtxcXcwmI_1st
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:22 GMT
x-amz-request-id
5G4WJZ8W2668NREB
age
17378
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173711
x-amz-id-2
WREpH12MsxvDubDmNAQw2KtIH/9hfjMcISvRsfzP90g1nVxSkTiCoHf9oXQa5DU1+48ttMoT2eY=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:04:46 GMT
server
AmazonS3-br
x-timer
S1700502923.580483,VS0,VE0
etag
"3863cf084beb457b7c5a89cd8e740794"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
192
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA1MDI5MjI1ODIsInBhY2tldElkIjoiMDAwMEE3MDEtOTk0OWEzYTAtYjJkMC00NzE0LTk1MDctMTg0NjNhYjYzODEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2405.7000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA1MDI5MjI1ODcsInBhY2tldElkIjoiMDAwMEE3MDEtOTk0OWEzYTAtYjJkMC00NzE0LTk1MDctMTg0NjNhYjYzODEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2410.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA1MDI5MjI1OTAsInBhY2tldElkIjoiMDAwMEE3MDEtOTk0OWEzYTAtYjJkMC00NzE0LTk1MDctMTg0NjNhYjYzODEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2413
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1353658931458646&correlator=1071617476229794&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&arp=1&abxe=1&dt=1700502922597&lmt=1700502922&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1495016026.1700502922&ga_sid=1700502922&ga_hid=1403173055&ga_fc=true&dlt=1700502921923&idt=342&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_1_pv%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_1_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_4%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_4%26faid%3Dfalse%26adro%3Dv8_e&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
056b6859039a6a9dc49ebda125892dc7b547dc3d24acb9084e3386afc6f376b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15888
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449154837
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
23776
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 19 Nov 2024 11:19:06 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA1MDI5MjI1ODIsInBhY2tldElkIjoiMDAwMEE3MDEtOTk0OWEzYTAtYjJkMC00NzE0LTk1MDctMTg0NjNhYjYzODEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2437.2000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 27 Nov 2023 17:55:22 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231120
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c456cf0ac5658c4f8012b1640ee09d1c83a478bc7608ef9fc24301bb2a42d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6869
x-jsd-version
1.0.1880
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220047-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-i6OtvaSkIx79BjIAPqiQ5gZPX0w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBuzUMfc6VR%2Fa4cTxZn0QQTyRQg4OIhKPqSc7MDiLVk0t38CTyFHNOsAkZXLt%2FoCE0QarPS9ZVK%2Bq%2F8hZcDE2u77bEQrxC7QItoXMlVxxqx4kg2Vg9yWvM6DFUwftIrYX%2F8mNvy%2BRck5rAueYIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
829290433955366b-FRA
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.219.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
293fdccd7cb1892fdc8d3dad22f1b6237b77a80fbf3d4cc99d00bf668134ac83

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 20 Nov 2023 17:55:22 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.139.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-139-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
471b483d5fb65c70991fefb9de0d3945f5d6c98d064ee0e1f83265d93452008d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		443 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=68bdeb80-a8ec-40c0-8bf8-2abe6f99face%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%BF%AB%E6%AC%8A%E8%A8%B4%E8%BF%BD%E7%AB%9F%E7%84%A1%E8%A2%AB%E5%AE%B3%E4%BA%BA&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=2642f968-99a2-491b-8fcd-9ce3071cc418%3B31413611-a0ea-4c49-bcc0-d9744de627cd&l_pb_bid_id=207f3aaae2947c8%3B21f175cc5de6e65&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2642f968-99a2-491b-8fcd-9ce3071cc418%3B31413611-a0ea-4c49-bcc0-d9744de627cd&rp_maxbids=1&slots=2&rand=0.08469428067231077
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
61ec37ffa239684177bf384bf9e9f55f5e90846a6d717fa150ad58eba280579d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
85cf7828ee650555c6339a992cad99ce6774675bebc3733f0781e22f22fe3d0e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 17:55:22 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fb52a07e3f5f395e254717a4c71058af3b4ba1dee096bd1d745fbdf615d44f49

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fb52a07e3f5f395e254717a4c71058af3b4ba1dee096bd1d745fbdf615d44f49

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fb52a07e3f5f395e254717a4c71058af3b4ba1dee096bd1d745fbdf615d44f49

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid-request
a.teads.tv/hb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
86ffc0479305f4f20aaf0a5e85ea2f561ef859edf9e4eae9ca0b1930a26f8013

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
487
expires
Mon, 20 Nov 2023 17:55:23 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=99413643906&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
829290434aed363c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
829290434aee363c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
adreq
ads.servenobid.com/ 		592 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5533
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e288383c15c23ae3e707f0c636164cd7ebed478757670bfd458e490fd5eeec0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
18
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a86a46270d0b5a920fa25dc7f7dccc65f32132797db058bad70446cafe6af56

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bzEibPpXgtiHeEKQFLedqNF1YB%2BwJxXf8vpU8DmPnbMLlPj36WIzeoH6sie1%2BdF6IUGrOsFDyh7GrI02mhGOtIBkytRi76gLtbbPabik%2Fl6D0cODmLfNharptBk1V8G34f4wFfV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
829290435eb865b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a86a46270d0b5a920fa25dc7f7dccc65f32132797db058bad70446cafe6af56

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5chUwaBnp7PLM%2FiIzPmxQfQjI%2Bxsr%2F286O3lrUsh3r8ru0eVDVRvTC%2BocIXRhheSxrzEQ7mceWuIv22heRD03zSLuH0GPNgC0qiNSnk16%2FJ2NIrGsEB%2FhBh0iXhjz7Xcp7nYLDv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
829290436eb965b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a86a46270d0b5a920fa25dc7f7dccc65f32132797db058bad70446cafe6af56

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGhcNiWgPc3LnHvsL5QgyHyMmcQUGdnVYO9SXqDcCEAUlUygmudFwEg3so6jiC10JDH%2BDSzYBIsICMP1JpsZAHXRbSlWO%2F1D6cfQXhF%2B2KXEF3vdsVxSiVIOSjDmJgbcejOufcES"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
829290436eba65b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		250 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
adfc4dde77227582dc74c2beffb99dd7f03db37ed49846bafd1a9529b559a8ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:22 GMT
an-x-request-uuid
167a0556-902b-43b3-b2a1-25381843486a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 17:55:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
server
envoy
vary
origin, Accept-Encoding
impress
ad.vidverto.io/delivery/ 		58 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&referrer=&async=1&uid=7998460003&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
24f17264c3e3c2eab423df86b31b5b067b699fccd0146e057272d9d4ac4817a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2374
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Pk9dNeAHXT%2F3HuNcYaWYIOS7N0JxQsgUJ%2FNF%2BjUILZKnpIg267CLIlWlNE4BQRVfT1F5i2GhyZpClf0G2BIMALEeLekVSomNZZGDkdmncjCkO3G5u98e1sl4ghIN0mhpUgPknDgMhh6Jk%2Fg4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8292904309db3a76-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6229c19b4fa9b6dae1174e871867946c1fb7588c948eca2be40cdf2024b37995

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
truncated
/ Frame B93C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fc31e925b7565e633d602d90767aa47dba2b8273e58fc2f1152ad5e89d7d9bd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B93C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzfdD8OX8m9Bfw-3D6c5kWGUQ83j9LMYWlam7xCFZI5V3jTqZ3w7c4wwft2a9qd0DVWTizLdbzCkJwfU_bSaUhjd63S6J7BdiU4GKBMzyVbadXObyHi3UGuwVl5tEPk6gBLdr19VhSBU-_bRhZ8a5ida7aqSyWCFhMX2CD_KKrx3oOW3yDHFLk0u6mqN4yaEiVQU2n_smcVYdL-Zd_n8yaMlVxnHnmo4nM9BE3vqs2pHDHHkkg2FH2wcgE_-SUdwI2Rc2rSJw-XFt4fBtbFTarIqGRi6FDi49dElCfrK1DlYEocJ5ar_1DjryMk-n1lrIzKLNF&sai=AMfl-YQnJ0dE1WGIwPgeTd7PZ4-7KwLSEJWSodV7vnKQ9do7FCf3eCFpfoqAaVBzhkCHLkxzEQaJjU7umCsYmBJdy_H2wulwb7qJwKxW2OdAat3phQa5qIKoJKdzb-h-aG3NdMqTWRqrWudEYlNYCsUVwLI&sig=Cg0ArKJSzD0uPlbDnGQXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Nov 2023 17:55:22 GMT
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6432260071462477&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
/
onetag-sys.com/usync/ Frame FD40 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Mon, 20 Nov 2023 17:55:22 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=014c5c39987adb8c121409403556206f
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:22 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=4d7b4bec-080d-46ae-b75a-1b18da32d324&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=4d7b4bec-080d-46ae-b75a-1b18da32d324&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=4d7b4bec-080d-46ae-b75a-1b18da32d324&p_id=23
date
Mon, 20 Nov 2023 17:55:22 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=30c62474-6efb-4d74-9543-7ea0e83e191c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=30c62474-6efb-4d74-9543-7ea0e83e191c&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-lZkXBrCcLgzWs1YIa4IpN1a46o1sokItS_YD-Q&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=e05e85ff-7eb9-427b-9938-7e0525b78b11&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=e05e85ff-7eb9-427b-9938-7e0525b78b11&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=e05e85ff-7eb9-427b-9938-7e0525b78b11&p_id=15
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Mon, 27 Nov 2023 17:55:22 GMT
css2
fonts.googleapis.com/ Frame 3E8A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 17:47:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 17:55:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3E8A 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
50149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 03:59:33 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:09:34 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
WWnTBs_7P4MW6oh8dYMKzhXGn4hAQPNq4ntcCR9IF2Cy2PzWysHh0g==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
283290
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=18%3A55%3A22.914&lti=deflated&data=%7B%22id%22%3A136%2C%22ii%22%3A%22%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700486390159%2C%22vi%22%3A1700502922912%2C%22cv%22%3A%2220231120-17-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html%22%2C%22vpi%22%3A%22%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3475%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2755.90625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5aa1990d22212c266daa5670b32102cebfc454edf9eee131a01971896eb15b2e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
250
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.0539583333333333
x-fastly-to-nlb-rtt
70039
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1700502923.937173,VS0,VE250
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a1551001.js
js.genieessp.com/t/551/001/ Frame 0485 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/551/001/a1551001.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:10:59 GMT
server
nginx
etag
W/"65016e93-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Mon, 20 Nov 2023 18:10:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0485 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:22 GMT
pixel;r=1137630914;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1137630914;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2048840126-1700502922895;pbc=68bdeb80-a8ec-40c0-8bf8-2abe6f99face;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700502923030;tzo=-60;ogl=;ses=0dda8b67-c14b-401e-878d-ff42870cbfae;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
prg.smartadserver.com/prebid/ 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tcXVhbi1zdS16aHVpLWppbmctd3UtYmVpLWhhaS1yZW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTk5NDlhM2EwLWIyZDAtNDcxNC05NTA3LTE4NDYzYWI2MzgxMiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3YTJjYjA4ZS1hODJlLTQ1NzUtOTZiZC04ZTViOWIwYmY4Y2UiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwNTAyOTIyNjYwLCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiN2EyY2IwOGUtYTgyZS00NTc1LTk2YmQtOGU1YjliMGJmOGNlIiwidGltZU9mQXVjdGlvbiI6MTcwMDUwMjkyMjY2MCwiYmlkcyI6W3siY3BtIjowLjEsImFkSWQiOiI3NTE2Yzc0OTc1NGIzOTUiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDEwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDUwMjkyMzA5MX0seyJjcG0iOjAuMSwiYWRJZCI6Ijc2YmVkNzZmZjg5OGM5NSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MTIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNTAyOTIzMDkzfSx7ImNwbSI6MC4xLCJhZElkIjoiNzc0YTY2Y2RjNGVkN2VkIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQxMiwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA1MDI5MjMwOTN9LHsiY3BtIjowLjEsImFkSWQiOiI3ODMyMjA0NzhkMjMzZmYiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDEzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDUwMjkyMzA5NH0seyJjcG0iOjAuMSwiYWRJZCI6Ijc5YmFmZWM3ODU3MGUzYyIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MTMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNTAyOTIzMDk0fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InRlYWRzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NTE2Yzc0OTc1NGIzOTUiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2921.2000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1353658931458646&correlator=4110017618758801&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&arp=1&abxe=1&dt=1700502923113&lmt=1700502923&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGskYRavroQ5qvOHhi93C8sLuhh3XaJMpeb3oA_iyYewc4G9Txf6LYFWGxg1dcwNKgymT9ZsQZWy3Rnp_mnLpRw8&ga_vid=1495016026.1700502922&ga_sid=1700502922&ga_hid=1403173055&ga_fc=true&dlt=1700502921923&idt=342&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_9_1%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_1%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D7516c749754b395%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_4%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_4%26faid%3Dfalse%26adro%3Dv8_e&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74810332926baaa98d91b7a06c9cb5fbef0db3efc7eafaee6ca9b8bb4ffe3a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12353
x-xss-protection
0
google-lineitem-id
5221339621
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441555793
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		377 B
160 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1353658931458646&correlator=4110017618758801&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&arp=1&abxe=1&dt=1700502923115&lmt=1700502923&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGskYRavroQ5qvOHhi93C8sLuhh3XaJMpeb3oA_iyYewc4G9Txf6LYFWGxg1dcwNKgymT9ZsQZWy3Rnp_mnLpRw8&ga_vid=1495016026.1700502922&ga_sid=1700502922&ga_hid=1403173055&ga_fc=true&dlt=1700502921923&idt=342&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_1%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_1%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_4%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_4%26faid%3Dfalse%26adro%3Dv8_e&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b9ca6b6d0820d6523564738a97ef47fad1fba7dbefb00a51ec90a129f6e8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame F2DC 		714 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3183
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
829290463fdb9b3f-FRA
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 17:55:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBkv6E17ZDKVfoLNM12%2F05HzR3eP35DTyUUFxFl7ndHSgeT7m8GbIa%2Bv%2BIpwkcPyaxhsolFEfs63EzlKBmIjvauTZnau31hogh0%2F1cWXG3YtUWnZ9moZ7mQaTCZWnkyueCoNANM5AhR%2FpeZQDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3838
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:23 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 17:55:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F2DC 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
527f6689bb0f30fd94ec2800fecb9380e14e47975e1f323c05facf57f2e92e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30307
x-xss-protection
0
server
cafe
etag
254 / 19681 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:23 GMT
floating-unit.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
748a5522d5084ac1d59405163d90409108d51c97132431a956f8168c5d22edcf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f1ulCcZK5RX7xN6Xz5t59DA0Cc7nxeU5
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
GTHY1P8XBBFKRKRP
age
17317
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
ppITTGjp0KvNK1R8Wp6hei3sB9K7TfWBGZwt9z/pVBOgfqGiv2TA/rf6EOFZnFkpWQGVpDiaun4=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:03 GMT
server
AmazonS3
x-timer
S1700502923.331449,VS0,VE0
etag
"11ac6b3177820f967c8df641d0958220"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5263
taboola-vignette-new-scanning.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e322cfdfbc195424c8c3fc7a6149d1e4787ffda50b82f12d1850e60186655940

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dP8Hte8N3IXFHjBsjbuLDSTz.fMlGkL8
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
MPS9W6SK0XA7KENP
age
17326
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8020
x-amz-id-2
+abDm07rTY0DFXYgISmiLVq6NBGVeqk/56DwCTDTVosqHo5tW72g36U9UgEBOc9zUUu1vr0wOHU=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:04:43 GMT
server
AmazonS3
x-timer
S1700502923.331477,VS0,VE0
etag
"cc704526a43c7fd3904086a74590eafa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4066
distance-from-article.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3671e700641f99c067a69ea26ba0980b22773af7353f81893e1a0e11864a7c14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eqhpm1gt.r0PP.yjSx6qFjHIfm8OA.KN
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
JMWJ3MGR70NHWSDQ
age
17376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1133
x-amz-id-2
sZ52kCc1UIcU4MnLLY0lDWMSc7DzUGtcpzL25mV2n54luiHtnyyg1WVbF3Wdo08qbo7umbVSMNU=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:14 GMT
server
AmazonS3
x-timer
S1700502923.349427,VS0,VE0
etag
"9908176c98226127d96e23ba95b0598e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
56322
article-detection.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40740068f4e328444d777b937759990a9701c278d9c714a300e4e837f98d7abb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QkQWzMmVcr.ZSxLj8DKmMX0Nro.ghow0
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
JMWWAHYBN2GGM7QG
age
17376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1292
x-amz-id-2
15qMwqOJXeLgV+p1q+lAfPKyVUVkr5/narxk1SokxduPfvgUw0yMFywpUBGfaN3UNihL2fs1n/8=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:22 GMT
server
AmazonS3
x-timer
S1700502923.354973,VS0,VE0
etag
"046916d6beea9ba3c6f1714c71f58764"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
56380
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.9/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
201244
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34194
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Sat, 18 Nov 2023 10:01:07 GMT
server
AmazonS3
x-timer
S1700502924.511522,VS0,VE0
etag
"71c188f2046759c2140f9eafdaccf881"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5er-avQ5JdkOhkczbLsW-HUEUzE9NY87pv5jE9Pe4YzzT5CaSMG_Dw==
x-cache-hits
24108
feed-card-placeholder.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3575af1b659f79cf9f82ecccc15a2ce94a859c99692efbcb0074848abbe0ac47

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZEhwmleZUxuSnJ6peVsMx3wqMc_myFG9
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
JMWQBCEEW2X6NQH4
age
17376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
A+6583rkvy/ZFKKlz+7ZgSPHgDAwZgNRKomEoCo6ZFBB/E6idJH9X7ue49nKI/1qK+3J/3qsXRE=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:09 GMT
server
AmazonS3
x-timer
S1700502923.357762,VS0,VE0
etag
"e61030f9557a91967a962f5911114b71"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
49671
userx.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0db656abfc577411c85919cec217339906cffcbe3a4441c545396a423ff29cf8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_ZliU1SX42mRP.5r6fPkfb_Q9BjPNAAl
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
DDH6F6Q3BXF5K2ZQ
age
17371
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
Fq09YGmm7zW4bghb+e+WGF0SpFXQCfLAVWGPXajRSbM0MiOboTeeWIs+3fSiu/T5HRfRWW1FXaI=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:04:40 GMT
server
AmazonS3
x-timer
S1700502923.360815,VS0,VE0
etag
"fff52369346838e7dadc58d90ff888f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13672
explore-more.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca68b6daa2f2d3bd83d991304e4cd227b83ef8e0fb345eb51dba1c7f36cd43ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QhAG2B8HdIq7by9F8TG07M.1hDlFz8w0
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
JMWYHYPDA46DXJSQ
age
17376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7707
x-amz-id-2
P2xbPGsZYz2T1TwhVAY0YpJELbYgnI643NAulJFQDzACYhiVWdYTtuzhG6So3vs4VpzQoihvdJE=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:10 GMT
server
AmazonS3
x-timer
S1700502923.370914,VS0,VE0
etag
"887b6916b7b3ab4f28ee83552e2f3390"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25220
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=18%3A55%3A23.315&id=8211&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700502923317%7D&tim=18%3A55%3A23.318&id=7059&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700502923332%7D&tim=18%3A55%3A23.332&id=6155&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A23.360&id=8316&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.363&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2573&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72454
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.364&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6998&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72454
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.368&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2793&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72129
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.369&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1390&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72129
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.373&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3985&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72129
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
12
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1700502923.387343,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
95
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
26
9d986bc2bc87923dda4c600767c7a58b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_810%2Cw_1080%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_810%2Cw_1080%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15c90ca5a02935e447e871f069cab41f2d289f564fd712787f36b16fb2085835

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_810%2Cw_1080%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
age
1718005
edge-cache-tag
319963867360963860319660097690970901169,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
319963867360963860319660097690970901169,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
269
expiration
expiry-date="Thu, 23 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://tops.easyvoyage.de/
content-length
62742
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000050-IAD, cache-iad-kiad7000050-IAD, cache-lax-kwhp1940030-LAX, cache-iad-kjyo7100023-IAD, cache-fra-eddf8230040-FRA
last-modified
Mon, 23 Oct 2023 09:20:07 GMT
server
nginx
surrogate-reporting
width=1200,height=900,bytes=92206,owidth=1600,oheight=900,obytes=1797995
x-timer
S1700502923.407950,VS0,VE13
etag
"569c3a84c39486231522c56fe74800d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 9, 1, 0, 1
9d986bc2bc87923dda4c600767c7a58b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06400005a34674afd7a6ed9c307e5265cb2960c3b77a6f44610605f31c4f9c25

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
age
2336988
edge-cache-tag
319963867360963860319660097690970901169,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
319963867360963860319660097690970901169,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
211
req-referer
https://www.gazzetta.it/
content-length
36730
x-request-id
b00557592ec5da207be7b33c672c807d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100079-IAD, cache-iad-kiad7000092-IAD, cache-sna10746-LGB, cache-iad-kcgs7200026-IAD, cache-fra-eddf8230040-FRA
last-modified
Fri, 20 Oct 2023 15:09:36 GMT
server
nginx
surrogate-reporting
width=1600,height=800,bytes=96460,owidth=1600,oheight=900,obytes=1797995
x-timer
S1700502923.409068,VS0,VE2
etag
"17d000f3657d088dbd65e9d0ac5905da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 1
2e17c36517808fd5e33ede01be8a8be1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e17c36517808fd5e33ede01be8a8be1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16808931fd31ecc4652bf596d7589f8aa95e0381a1af873dfc5fe794b78d6c6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e17c36517808fd5e33ede01be8a8be1.png
age
1033002
edge-cache-tag
368629044553241694521569277459192641077,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
368629044553241694521569277459192641077,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
298
req-referer
https://flytant.com/
content-length
4664
x-request-id
cfd3f80c91ed3bb65296c1516396b430
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200141-IAD, cache-pdk-kpdk1780069-PDK, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230040-FRA
last-modified
Mon, 02 Oct 2023 11:45:53 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=7835,owidth=1920,oheight=1080,obytes=202860
x-timer
S1700502924.533190,VS0,VE1
etag
"30437fc02f6be6fc9254008185e8234f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 13, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aba4433c326a47ff70fbf9ec973e6aed78cac71047de9f3820406147d344698c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
2827405
edge-cache-tag
500629582064787076250330989933903002781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.st-georg.de/
content-length
13644
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000165-IAD, cache-sna10725-LGB, cache-iad-kcgs7200102-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 31 Aug 2023 17:07:07 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1200,oheight=800,obytes=1094111
x-timer
S1700502924.553099,VS0,VE0
etag
"32ff0e0da5a78f593d26d0bf1f1f50f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 82, 2
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c15f1d59737fd83228622836f14095c34e902c50564a25a3b0efb60464be6ac8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
5988376
edge-cache-tag
553345370031307653688610699912439950752,572832214153325356336544796315132161834,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,572832214153325356336544796315132161834,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
26108
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kcgs7200071-IAD, cache-sna10736-LGB, cache-iad-kiad7000148-IAD, cache-fra-eddf8230040-FRA
last-modified
Sat, 22 Jul 2023 17:17:04 GMT
server
nginx
x-timer
S1700502924.601051,VS0,VE2
etag
"801a05593096c701eb747085cb4b1282"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 58, 1, 192, 1
76ffda26899be45a9c66e8a8f3d17969.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76ffda26899be45a9c66e8a8f3d17969.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ac867fb48b75af07ac3afbebf3b9fde603741d8c534f9dbaaa52ea5e1e2da15

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76ffda26899be45a9c66e8a8f3d17969.jpeg
age
1571130
edge-cache-tag
402954199585324672007838957640849415153,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
402954199585324672007838957640849415153,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
148
req-referer
https://www.cricket12.com/australia-vs-afghanistan-world-cup-highlights-2023-7th-november/
content-length
7826
x-request-id
5dd7fb755fe8b758d9e4c25b551cfb1a
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000056-IAD, cache-lga21967-LGA, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 02 Nov 2023 09:21:13 GMT
server
nginx
surrogate-reporting
width=1024,height=568,bytes=33235,owidth=1024,oheight=576,obytes=49977
x-timer
S1700502924.656553,VS0,VE2
etag
"20087d5c0af5acdf77ec20d62b82ee07"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
c7b3c293b08f18b7eea6000ea2533172.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7b3c293b08f18b7eea6000ea2533172.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f355b894ea0006b2ffd1fccea5fec86b4cf9409bb7f221ae59ad7bfbe0618647

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7b3c293b08f18b7eea6000ea2533172.png
age
290479
edge-cache-tag
617325438461775426362038020035058779194,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
617325438461775426362038020035058779194,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
419
req-referer
https://gall.dcinside.com/board/view/?id=dcbest&no=184079
content-length
8728
x-request-id
039587c2ccb4a6ecbd248ed1878d706d
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200179-IAD, cache-iad-kjyo7100114-IAD, cache-lga21934-LGA, cache-iad-kjyo7100149-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 16 Nov 2023 18:00:32 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=14125,owidth=1190,oheight=797,obytes=1354678
x-timer
S1700502924.656884,VS0,VE12
etag
"a08f816ef11d278b02ed27a67f262d3b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
9d986bc2bc87923dda4c600767c7a58b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f0bdb7ae37c8ccaee69854f17a284402127c97781af17e4e4217fcb3ad1de7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
age
2455449
edge-cache-tag
319963867360963860319660097690970901169,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
319963867360963860319660097690970901169,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
215
req-referer
https://www.t-online.de/
content-length
45510
x-request-id
c560d5b34d8d5b4c26d15c83a090016f
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200067-IAD, cache-iad-kcgs7200067-IAD, cache-sna10747-LGB, cache-iad-kiad7000053-IAD, cache-fra-eddf8230040-FRA
last-modified
Fri, 20 Oct 2023 15:10:25 GMT
server
nginx
surrogate-reporting
width=1600,height=888,bytes=113259,owidth=1600,oheight=900,obytes=1797995
x-timer
S1700502924.657177,VS0,VE2
etag
"fa1762a292f3c7fbe17fd22db82ccaaa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 6, 1, 0, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
4204214
edge-cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
269
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.desired.de/
content-length
29394
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230040-FRA
last-modified
Tue, 01 Aug 2023 07:44:45 GMT
server
nginx
x-timer
S1700502924.657159,VS0,VE2
etag
"a8139c2d2ea8fa23ad77f4b509ad1b5b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 72, 1
2e17c36517808fd5e33ede01be8a8be1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e17c36517808fd5e33ede01be8a8be1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5281ea752a8ef414d8534d1da986963f250afeeff3635abdfa79e203d7d62550

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e17c36517808fd5e33ede01be8a8be1.png
age
2200452
edge-cache-tag
368629044553241694521569277459192641077,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
368629044553241694521569277459192641077,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
278
req-referer
https://cdn.taboola.com/
content-length
11804
x-request-id
6c7c84a9adcee6134f6035ea1dae0337
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kiad7000134-IAD, cache-sna10722-LGB, cache-iad-kcgs7200152-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 31 Aug 2023 12:26:12 GMT
server
nginx
x-timer
S1700502924.678402,VS0,VE2
etag
"25ffc9e876ba158b8cd84dac7cc8d0fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 13, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 17:55:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
4774162
edge-cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
398
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
33296
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kcgs7200052-IAD, cache-sna10729-LGB, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230040-FRA
last-modified
Wed, 19 Jul 2023 11:47:45 GMT
server
nginx
x-timer
S1700502924.766486,VS0,VE2
etag
"e27c10776e8acb7d55ac3095f7ebf0b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 342, 1
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 20 Nov 2023 18:55:23 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 6BEC 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
189247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 13:21:16 GMT
expires
Sun, 17 Nov 2024 13:21:16 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Nov 2023 17:55:23 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51FD 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 18:15:37 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=c5hGt2WBuCLIAkNDcmymcS05VLp%2BHtcLBuKE1EzoV0lXvon0anS%2FXyUlQvYuflTMtiMBidlbOjuwIVr4XbJiInaFYWBgDj8gWgRupkqs4sCVtYuIjqHJ3ObEI2uSUuyj3mfmQIKjijbsWVnnWQPpH3y6y07EebWUfFTrBPVU09QSWf%2BgAVJY1THaaH3KTDzyIJpL1DxLalZ2JPAjsU4C93g5SQCrYHxAuMRadbtq0CTI0vM7Y%2FbJOqbfCOpYdYnwXdhm8s5ogFvJrpSN9hYjLD256rV8bZsvFno7xtkV5Oy8xnrV78Bzp0sB%2FX%2BYIRv8kIDmEnne39TtiADHgLN0Ojvj0dDIDJz22r5b44EJcX20j32DHaRMKj33rwXydMDyltpLYYP6nqloAZf%2FZ9pxY3sgukTnNIq2nTZRjGfaufwDcqUtWXOShMCQsDftDafh03%2BHVJS%2B3OFGR8xQeJKJ0CwHGRbAPvytJwX7s4APIo8M4vUXv4XCZzrjthgKV4MIxgiuej3NEpvkipSl2wp7ADZ40U5dvDXbsUymc080GSIxpcZ3RtvSrg1Nv5BYA93GVwcM7SDYniXc1SRGaD5EkXIKeTsj0QsB3g6kE1f5Mayx6EoGg%2F74noi22cLJN06Yf4ubxkKYF30xJbkprIN0ZDZuLinlOah7Of8RajwIIbVX1LKpb%2FzPH3G27JHV75UnJDaGq2g8%2BipkNiB%2FrSdvK%2BdLIicRzXKPucVlzLp9EGM%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 20 Nov 2023 17:55:23 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame F2DC 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
31430
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 19 Nov 2024 09:11:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 36E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJ22MZpMwY3Vq5YQ3cujcy2xPNWjxWCCoh6V55OkZ_mdf7WyGxi6mzewQtE3qoU0p7UqUTcOU2AkrH8rNJ4U1rvVKa4FxZE4bPb_SkozZaPlhali_aHzmJq7o7MVtrTFoaMf_2tNpNNGRfwkwSLuieF2q2ArWIevRzVU9KQAR9SBVhC0AtDuiGDmC58QlCwhMDEHYnB65Xf2kdo29Az5LCeL_LMZALEIG4-RVjjH3FSHxKDLk9_JnE5rcF2uH9XbHkINlTk7DgTyr-Qv4reh4RQh5FlyqSxCi4RGQeeqqpsYie67qXMLh4-inHnXRyJ-5uMR_u2tc-ZjKU1VYtmI1VAx9E-Ey8&sai=AMfl-YSB3YwRWy7w37-ZWGpqwOHeT9k9wyK_iZdcqUt5IUPlGyl6vwjg7NsVItbhSWdxqviJIAPxjh_uflVmkIBvmCfUUQRMOHOpI534CR-hrHEAmfE1fd7yE7Zi64SXpQ&sig=Cg0ArKJSzNPJP9DQqWGEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce
a.teads.tv/hb/ad/ Frame 36E3 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91d0c777a21fa697a3a6ad517e0afdbdaf096389102cbc4fd40dbfeff00a8619

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2546
expires
Mon, 20 Nov 2023 17:55:23 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15
a.teads.tv/hb/ad/ Frame 9B69 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
389fb19d31c281d68662cb4951310aa5f27a75794d937465dfea0d4ad86f85b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2421
expires
Mon, 20 Nov 2023 17:55:23 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 36E3 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:23 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tcXVhbi1zdS16aHVpLWppbmctd3UtYmVpLWhhaS1yZW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTk5NDlhM2EwLWIyZDAtNDcxNC05NTA3LTE4NDYzYWI2MzgxMiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJyZXNwb25zZVRpbWUiOjQxMCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDEsIndpbm5lckFkVW5pdElkIjoiNzUxNmM3NDk3NTRiMzk1IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjdhMmNiMDhlLWE4MmUtNDU3NS05NmJkLThlNWI5YjBiZjhjZSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3354.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9sYW4tcXVhbi1zdS16aHVpLWppbmctd3UtYmVpLWhhaS1yZW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTk5NDlhM2EwLWIyZDAtNDcxNC05NTA3LTE4NDYzYWI2MzgxMiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJyZXNwb25zZVRpbWUiOjQxMiwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDEsIndpbm5lckFkVW5pdElkIjoiNzZiZWQ3NmZmODk4Yzk1IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjdhMmNiMDhlLWE4MmUtNDU3NS05NmJkLThlNWI5YjBiZjhjZSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3364.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
usync.js
eus.rubiconproject.com/ Frame 3838 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37778
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
next-up-widget.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbfa7bc007b1ed2be6c324b43d254e495b3df250870122557c2d7df1839308a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6kgZ.q.M85XejoHsNrX73tgZzqvPCybr
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
5255AH8ZMQ3KGD26
age
17317
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
GKkBdRVbVQxP7tWN8eDwiD5liY9W62i1YnXmM5NSqmniz6Nm3eAmRzWCnkZKB4RJMTxF5Ve2ZqE=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:05:00 GMT
server
AmazonS3
x-timer
S1700502924.567562,VS0,VE0
etag
"bcc5271644d6f0a264dd1d4e11091830"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5145
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.234375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A23.557&id=6603&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1637%7D%22%2C%22eventTime%22%3A1700502923558%7D&tim=18%3A55%3A23.559&id=2905&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A55%3A23.669&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9270&cv=20231120-17-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
73712
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
x-content-type-options
nosniff
age
326305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:16:58 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:42:52 GMT
x-content-type-options
nosniff
age
249151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:42:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 16:42:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 17:55:23 GMT
spa-detector.20231120-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231120-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86e4b98204d528d5043d880521604b6a65816ab291b0a4996296a2b4d3065673

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oaxyxRtx82P4TjV0Y8GzgHaY5OKkubhg
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 17:55:23 GMT
x-amz-request-id
5RCMTK108TZCV55H
age
17375
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
779
x-amz-id-2
tJqRybqp+MiPYKhjPrG0Xy0TOj68kOE/iVMDqhs6LCO1zU8u2OvU1lQJQ9dUgiWC48Jd3/kxIzk=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 20 Nov 2023 13:04:52 GMT
server
AmazonS3
x-timer
S1700502924.749129,VS0,VE0
etag
"bd4d610facfcd68d54b10be638c9f05b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25817
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A23.720&id=7287&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700502923723%7D&tim=18%3A55%3A23.724&id=1289&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A23.726&id=8198&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13123&lti=deflated&ri=a6e3a179f26a1dda9c9cd98e4d105661&sd=v2_82c6adb24baa509e72b4dc17818bb9ee_f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a_1700502922_1700502922_CNawjgYQ2YJdGKDN_e6-MSABKAEwKziy0A1AuogQSOmP2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a&pi=/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&wi=5088364350987752218&pt=text&vi=1700502922912&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700502923727%7D&tim=18%3A55%3A23.727&id=355&llvl=2&cv=20231120-17-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 743C 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9747ec69ac8a41ea43575bffbbafc1e9b9c37ef2b3147fe45463c68af4189419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10197
x-xss-protection
0
server
cafe
etag
389867605470656484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:23 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvbGFuLXF1YW4tc3Utemh1aS1qaW5nLXd1LWJlaS1oYWktcmVuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbGFuLXF1YW4tc3Utemh1aS1qaW5nLXd1LWJlaS1oYWktcmVuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 19 Nov 2024 17:55:24 GMT
date
Mon, 20 Nov 2023 17:54:19 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		72 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 20 Nov 2023 17:55:23 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame AF1B 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
189247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 13:21:16 GMT
expires
Sun, 17 Nov 2024 13:21:16 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 13A3 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 18:15:37 GMT
khaos.json
token.rubiconproject.com/ Frame 3838 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
X0CTWK2WhfHCPgTr6jZf1RS8nReGhyRhT%2F3Yh%2B72d72%2B8nMLkIdIA%2FjQ0wwTZ%2FMCQPOGgNxrGwBPOKJX4ZxskpK3gc2rKOQlhuwTnL4ykNgbJq2GECrxD4n81wtx9vrYRFRyitTJBBdvDJv0BYPjLET%2FNgW62VSYdiO%2Bu3chvwmx7zEcWtKvCHx...
ad.vidverto.io/delivery/video/pod/ Frame 6BEC 		53 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/X0CTWK2WhfHCPgTr6jZf1RS8nReGhyRhT%2F3Yh%2B72d72%2B8nMLkIdIA%2FjQ0wwTZ%2FMCQPOGgNxrGwBPOKJX4ZxskpK3gc2rKOQlhuwTnL4ykNgbJq2GECrxD4n81wtx9vrYRFRyitTJBBdvDJv0BYPjLET%2FNgW62VSYdiO%2Bu3chvwmx7zEcWtKvCHxCY5RXlhBN0vh9zDYxWNlpT%2FSzRWfQHIl0LL7k5BTe4PpO6jI2J4AL8PpLGUhTJn%2BXAiqShnfQUU4POsvU4Re1War3tzkXh5I2yBq0rc72stn6NdTeZFtFTOREHS2CrReDl%2FfAxF15njTlqVwtIYXKmUwH8qKrJumAeN%2BRZIq%2BTa4%2BYl8s3OM3uTDHurFjeHy96H4ojX1J%2FfoGcce6azgx7jWeau3mHqIuDp1LtyQDqUEIclXaPkWdiQrQArQ7kWBWmioSa%2FjI0HSIlFKf1TO45RtIkaWaqIu7X8BDrxFiSs7SeBgLdfafvSkYgdVts5L3ClVivZA2DlLt0UsJpEDWRq8H9DxAXjrT67sn%2Btob3gfyhquIffm81Po5KykTQOARjft8pS8ISc1LRB5tNw60Gk0g3bDwgVnu5DGxNPXCVlC9CA1LK9NCrsEyvEfDSoThlUl9JR5DClbbbsH001hxzYp5KFqyIQXkem%2Fw9jcmY45QJ04nU1FpCEIL%2F6pEPpiZXSbrsnnbn6fz7sygOefGu3P6h%2FFij1YTJEu51kLBdaBhYWbry55CFWbraHeylBjXU0XQ2c1ZQQ4UIKu%2BURPkQQgrvoLJVOzqJu5YlvqhCPnXIJrsBv0%2F07et1snZYo3NXRx9YWPx?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c41ec1252544c0499598201307af43d7c0ad86adb1bd93fe6aa6acdf90ff1bad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
native.js
a.teads.tv/media/flavors/ Frame 9B69 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/native.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29996083786b7c45a679db1d2ffc53bef4ea9db2722708a3394df912e6f08bd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 15:56:24 GMT
x-amz-request-id
0KXVN591004XPKAK
etag
"7e5d8cbbee2fc901e221888af3db1965"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
0
accept-ranges
bytes
content-length
24641
x-amz-id-2
A6anK3AUqoeEhERxuap0LThmubh42W3rHJkB2/+8lQk+cGFn3saXbOFmlaS1sy2LN4z/9IGC/vo=
expires
Mon, 20 Nov 2023 18:25:23 GMT
truncated
/ Frame 36E3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15b2f8d9675bc86d539ba6a103b0a721c74ce4a52a6ee7653f381edc910cbe74

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 6BEC 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp77j9f5&c=6203088597410&slotId=3101544298705&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 6BEC 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 6BEC 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&ppid=30c62474-6efb-4d74-9543-7ea0e83e191c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923980&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct142
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 6BEC 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923982&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct145
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 6BEC 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923984&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6BEC 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&ppid=30c62474-6efb-4d74-9543-7ea0e83e191c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923985&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct148
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6BEC 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&ppid=30c62474-6efb-4d74-9543-7ea0e83e191c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923986&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct149
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 6BEC 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923987&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct150
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 6BEC 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500465513950723&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=7C05A2DF-D8BB-4E77-B78A-9AA5677A070D&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502923988&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1432019920371055&ged=ve4_td2_er697.400.698.800_vi0.0.1200.1600_vp100_ts1_eb24168_ct151
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 743C 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87bede1a4975592bdc96dee08e1416036a02d028ebce4f0860e4d8f8e9d32be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52773
x-xss-protection
0
server
cafe
etag
4171567671643346151
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:24 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ Frame 36E3 		585 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b92ac5f8330195f8ceb20716a7697119c25eba8fac591ba170b7bc5043b07c58

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
last-modified
Thu, 16 Nov 2023 15:56:39 GMT
x-amz-request-id
KKMFC0EXSFD4NFY1
etag
"a379402eb42ce8827ee12a0fe434bfd3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
0
accept-ranges
bytes
content-length
136262
x-amz-id-2
X/O7dx6EPxHfU9DCwfbvNIXmJHdX+GKndQquL6uqO4vtFP6BAPAgTzReR0heFQXaiUbjzbo0uK8=
expires
Mon, 20 Nov 2023 18:25:24 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP77J8SG-1V-AUHK
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP77J8SG-1V-AUHK
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 20 Nov 2023 17:55:24 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ Frame F2DC 		492 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4222938272626077&correlator=10169504656890&eid=31079665%2C31079658&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700502924110&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6g3d1ef1l0az&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMtwtS8ZN5Yf8oW2ODHrGEWj7ttvNOWdPZLfdLdT3_-ABCt4SBO5LeYRkPE1w68Y04Js5bl9HhcQcwwuuI2iwCjZ7Nx2URd4KVb2DSFSRLkIYOYUarVkH-YKwjkWItl&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1917937195.1700502924&ga_sid=1700502924&ga_hid=1368174609&ga_fc=false&dlt=1700502923266&idt=598&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8913833832c54aefa08f4f8f97ddf46f3a77ccb27c74161346863a3001134ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F2DC 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bf0bb485209aa720105a837662ff63b117446cb8d9a14db8798faa51a2b83a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12479
x-xss-protection
0
container.html
69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:24 GMT
expires
Tue, 19 Nov 2024 17:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		238 KB
239 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16646144-

Response headers

Date
Mon, 20 Nov 2023 17:55:24 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16646144-16890123/16890124
Connection
keep-alive
Content-Length
243980
9d986bc2bc87923dda4c600767c7a58b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b7dc0f0f98ae79625c2028a3701c289c6c5d7451afa74fc3515b925eeb0ef67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d986bc2bc87923dda4c600767c7a58b.png
age
2075743
edge-cache-tag
319963867360963860319660097690970901169,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
319963867360963860319660097690970901169,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
448
req-referer
https://haushalt-tipps.com/
content-length
4880
x-request-id
3f3b7c76c4930f5d0e0c8b13b7e89a1b
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kiad7000084-IAD, cache-sna10737-LGB, cache-iad-kiad7000060-IAD, cache-fra-eddf8230040-FRA
last-modified
Fri, 20 Oct 2023 15:10:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6428,owidth=1600,oheight=900,obytes=1797995
x-timer
S1700502924.179360,VS0,VE1
etag
"0844628d1b17704fdc474fb3dbdf8306"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
1066351
edge-cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
req-referer
https://sportpirate.com/
content-length
3584
x-request-id
725be485230b85344a5c00a70f5b6983
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kcgs7200132-IAD, cache-sna10732-LGB, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230040-FRA
last-modified
Tue, 15 Aug 2023 21:13:47 GMT
server
nginx
x-timer
S1700502924.179635,VS0,VE0
etag
"e5c6d9c0f2aada11bf284ce428581f10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 74, 4
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c240d086c01646f9f5ce652d31e71aadb74564b68e64f57a583c8e1cfb170246

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
4116588
edge-cache-tag
500629582064787076250330989933903002781,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
89
req-referer
https://news.livedoor.com/
content-length
5682
x-request-id
d17805a10815dd60b1cc574c4287a969
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100100-IAD, cache-iad-kiad7000169-IAD, cache-lax10661-LGB, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230040-FRA
last-modified
Sat, 19 Aug 2023 13:57:46 GMT
server
nginx
x-timer
S1700502924.179612,VS0,VE0
etag
"2c06eb9fcf42f312df1716abc49de731"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 59, 5
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e91e1c00096cc046bfd4493ac1bf9bc9307158ead80a371de38b311fec6f87ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91857
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 17:55:24 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3468:1b3e:b397:53a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 0485 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=59914187922&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
1761dcff2a56f3339cec67c21b0bf8ecf9963079240cd2e299ca2980ca8f7f04

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 0485 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6568 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Mon, 20 Nov 2023 21:55:24 GMT
st
imprammp.taboola.com/ Frame B353 		577 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=undefined&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=faf6ae47-1080-4131-b7bb-f2a07214b3e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1dc56bc71d7e8873ce928c79210ef7f477d53dae75fe44c7a2a1409972431da8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 17:55:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230040-FRA
x-timer
S1700502924.211957,VS0,VE10
sync
am-match.taboola.com/ Frame DB18 		577 B
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1dc56bc71d7e8873ce928c79210ef7f477d53dae75fe44c7a2a1409972431da8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 17:55:24 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700502924202&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=-99652318&tz=60&viewable=true&ddast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1448
x-cache
MISS
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1700502924.217437,VS0,VE93
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=31589837&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700502920177.6!ts:1700502924197&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-length
0
server
nginx
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&pfid=68&env=js-web&ut=1&cid=1139715&gid=1076044&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=CQalJvVq8jwFY08sv5ML12vt&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1076044&dsp_creative_id=1139715&fms=9&p=bfT86ERQm0nFNNl8DXjgbBrvGE99V6w8owrQdEEGSwzdmw&cts=1700502923008&cs=-499923746329152613105&1700502923008=&slot=native&fv=1289&ts=1700502924207&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pageId=154680&pid=169092&hb_provider=prebid&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&pfid=68&f=1&slot=native&fv=1289&ts=1700502924207&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame 9B69 		9 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiCDyEUozNZBMkoJAAAAAIBaOT8hmpmZmZmZ6T8o17aVyQsyGyoZChUI8IUIEgNVU0QaCmltcHJlc3Npb24YATj8wxhYBWD8wxhwkOtGeJqsSZgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFVCAUQ9AUYr08g2yYqBDMwMTQw____________AToEd2lmaUIPbTI0NyBldXJvcGUgc3JsSgE_Ug1ldXJvcGUvenVyaWNoWgViZXJuYWIHc2Nod2VpepoBCnd3dy5iZzMuY2-gAQKoAQO4Ac83wgEGcHJlYmlk4AEB-gEyEi4KFQibkonNia2-oSYQmIjzuLCc5-aPARIVCNCd7dXMo97LfBCV1o3z7cvLs7sBGACAArvN_e6-MYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIaChYIg4vV3bzEzPzAARD-_onCxZWQ35cBIADYAgDgAgDxAjlHCkuGp8s_-AIBgAMAogM-aHR0cHM6Ly93d3cuYmczLmNvL2EvbGFuLXF1YW4tc3Utemh1aS1qaW5nLXd1LWJlaS1oYWktcmVuLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAOoDJwoHCAAQARj_ARIECAIQARoECAQQACIECAMQACoECAUQADIECAEQAPIDDTQ1LjEyLjIyMi4xNzD4AwKABAA=&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=HxqRFJDq_zPOiBvIWoNKT8nDZx5jlo-pM0gf57jRZaKfIw&psid=415253&checksum=330593639
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db716f6345128256f52b92c6ac78496868965df6bb0d45fdfd147dfe381ea79c

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
9439
expires
Mon, 20 Nov 2023 17:55:24 GMT
csi
csi.gstatic.com/ Frame 6BEC 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp77j9ol&c=6203088597410&slotId=3101544298705&ghmsh_eids=31061775%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3838
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H-KiU7pbQ9aGqk2EURqvdQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H-KiU7pbQ9aGqk2EURqvdQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H-KiU7pbQ9aGqk2EURqvdQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7QQPAMBVHYZS9RE9BWGW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H-KiU7pbQ9aGqk2EURqvdQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3838 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA3N0o4U0ctMVYtQVVISw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqVdUkurxEM5ea8DUwDgOQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3838
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDGviqcW8mSDBK3gSX-aA4Y&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDGviqcW8mSDBK3gSX-aA4Y&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDGviqcW8mSDBK3gSX-aA4Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP77J8SG-1V-AUHK&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP77J8SG-1V-AUHK&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EB2PJJJSZB6YX1CPXVXR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP77J8SG-1V-AUHK&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
setuid
px.ads.linkedin.com/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP77J8SG-1V-AUHK
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP77J8SG-1V-AUHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EB6EAB06CD384018BD985E1D678DA212 Ref B: ZRHEDGE1516 Ref C: 2023-11-20T17:55:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKmTDAdgwXGyD/x7iYkQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP77J8SG-1V-AUHK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Zlgab7NQONIAjJKjvrOEtsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aGXvt9tE2oI1dxi1ytf1wePYenD9jgDWvfm0Ig--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aGXvt9tE2oI1dxi1ytf1wePYenD9jgDWvfm0Ig--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aGXvt9tE2oI1dxi1ytf1wePYenD9jgDWvfm0Ig--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliNDY1MDg5NzNjYTA1YWMwNjQ5NWU5MTRlMDU1Y2QxYmZmYjdmZg
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliNDY1MDg5NzNjYTA1YWMwNjQ5NWU5MTRlMDU1Y2QxYmZmYjdmZg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliNDY1MDg5NzNjYTA1YWMwNjQ5NWU5MTRlMDU1Y2QxYmZmYjdmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3838
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3yYiQ_VuRxehAVE_JYyJIw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3yYiQ_VuRxehAVE_JYyJIw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3yYiQ_VuRxehAVE_JYyJIw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7A9KMNDP2CTKFKJF7MMC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3yYiQ_VuRxehAVE_JYyJIw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3838
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADxMk7KtzsAABQONn-9lA&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADxMk7KtzsAABQONn-9lA&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADxMk7KtzsAABQONn-9lA&expires=30
Date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8292904f480d925f-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP77J8SG-1V-AUHK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8292904ecfc7925f-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP77J8SG-1V-AUHK
43 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP77J8SG-1V-AUHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
an-x-request-uuid
55789711-12a0-4249-b13a-baae73b44d70
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP77J8SG-1V-AUHK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
v1
match.sharethrough.com/sync/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP77J8SG-1V-AUHK
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP77J8SG-1V-AUHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP77J8SG-1V-AUHK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK
95 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP77J8SG-1V-AUHK
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
hb.yahoo.net/ Frame 3838
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP77J8SG-1V-AUHK&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP77J8SG-1V-AUHK&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Kd0VNZWRwRTJ1RVd5bl9FSGREZjNBWmttU3RUMkJzbX5B&ovsid=LP77J8SG-1V-AUHK&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Kd0VNZWRwRTJ1RVd5bl9FSGREZjNBWmttU3RUMkJzbX5B&ovsid=LP77J8SG-1V-AUHK&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 20 Nov 2023 17:55:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Mon, 20 Nov 2023 17:55:26 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Kd0VNZWRwRTJ1RVd5bl9FSGREZjNBWmttU3RUMkJzbX5B&ovsid=LP77J8SG-1V-AUHK&dpid=58160
date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 3838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LP77J8SG-1V-AUHK
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP77J8SG-1V-AUHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP77J8SG-1V-AUHK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
track
t.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=1076044&sid=174681&brid=7119&cid=1139715&rpm_reason=3&ut=1&p=pVqhP9OOch6zhg_NKaeiuJThFRhf2j4GM-uWTylQoM7nqUE91QQM9klfBnSqeT7YFNU&cts=1700502923009&cs=-914248000451750247905&slot=native&fv=1289&ts=1700502924229&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&pfid=72&env=js-web&ut=1&cid=1166828&gid=1103884&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=AjJz2lylKVyC-yKrpfYHT5Ly&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1103884&dsp_creative_id=1166828&fms=9&p=r2HOio1PDnq7qn_ZuO_CLHMQ-2j0jIh3NfO0U2he7LF6jA&cts=1700502922997&cs=647005001690370508705&1700502922997&slot=native&hb_w=300&hb_h=250&fv=1289&ts=1700502924280&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
sync.teads.tv/ Frame E41A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
2772e8943e933ab3021d340fed67437bfa5100635c7698e5dd45fcbd8637727c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
740
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:24 GMT
expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pageId=154680&pid=169092&hb_provider=prebid&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&slot=native&pfid=72&fv=1289&ts=1700502924285&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame 36E3 		32 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDsm0cojLBDMkUJAAAAAIBOOT8hzczMzMzM7D8ogLGYiw8yFioUChAItIEIEgNVU0QaBXN0YXJ0GAE4wtEkWAVgwtEkcP65X3j-uV-YAQA4AUIDRVVSSAFQAFgAcgZqcy13ZWJ4AIABSJIBVQgFEPQFGK9PINsmKgQzMDE0MP___________wE6BHdpZmlCD20yNDcgZXVyb3BlIHNybEoBP1INZXVyb3BlL3p1cmljaFoFYmVybmFiB3NjaHdlaXqaAQp3d3cuYmczLmNvoAECqAEDuAHPN8IBBnByZWJpZOABAfoBMhIuChUIm5KJzYmtvqEmEJiI87iwnOfmjwESFQijkrH6yIf1120QzsXvw83LyeC2ARgAgAK2zf3uvjGKAgdXaW5kb3dzkgIEMTAuMJgCAKoCNkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YbICGgoWCIOL1d28xMz8wAEQ_v6JwsWVkN-XASAA2AIA4AIA8QIAAAAAAADwP_gCAYADAKIDPmh0dHBzOi8vd3d3LmJnMy5jby9hL2xhbi1xdWFuLXN1LXpodWktamluZy13dS1iZWktaGFpLXJlbi5odG1sqAMAsgMCY2i6AwZDaHJvbWXAA1nIAwDQAwDyAw00NS4xMi4yMjIuMTcwgAQA&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=tCpDv2XtYG9ByJ6A__zKq0uvNr3tvtUbjYdzKcAcfpdSmw&psid=415253&checksum=899230655
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45493046401d899523e4fa6ed2b1ae83d152e5c0498956b0fcbfa629f9bb7b79

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
32566
expires
Mon, 20 Nov 2023 17:55:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F2DC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 17:55:24 GMT
csi
csi.gstatic.com/ Frame 6BEC 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp77j9va&c=6203088597410&slotId=3101544298705&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ Frame 743C 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f9fe91f97e210a22350246d9bd7a7f475f49a7b5acab0b3d52ff026187fbe41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137156
x-xss-protection
0
server
cafe
etag
8283303231801796781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:24 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame B710 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:51:05 GMT
etag
16674218716276178799
expires
Mon, 04 Dec 2023 14:51:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700502921949&gcd=11l1l1l1l1&dma=0&cid=1495016026.1700502922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700502924&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=%E6%BF%AB%E6%AC%8A%E8%A8%B4%E8%BF%BD%E7%AB%9F%E7%84%A1%E8%A2%AB%E5%AE%B3%E4%BA%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=4227
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B353 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=undefined&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=faf6ae47-1080-4131-b7bb-f2a07214b3e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B353 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=undefined&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=faf6ae47-1080-4131-b7bb-f2a07214b3e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5079:1120:7dbf:7a0d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
csi
csi.gstatic.com/ Frame 6BEC 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp77j9xp&c=6203088597410&slotId=3101544298705&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89
s8t.teads.tv/vast/ Frame 36E3 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vast/5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
2a890242904e39037a5be5620fa7f17cf261eb568a430062005d3010d0aad3c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"877-m9LJ+QIYxXgIRFOteXakBRDNXWM"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
1082
view
securepubads.g.doubleclick.net/pcs/ Frame 36E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu63WAGNmU0Mg_Jt1ZKnP4UFLHwsInyc_BM00GcHp4AGuwkJjLQ-Rc6V0slsHWOIfYkRU_I6zCA6FZIy-1jsmH1Ss2_yeykK25_-uVxe3r9SimMlnnNhwwBFcJY4f0VIC9Ej_hQN5WPhb4_DIFDtaVNmAcSTE5WdygFazrluska7wLiB0BjD7oygm3m92R2vUaSUPYjjuzL-UgBgPLJL3k0pJg_dbM8vTj8NIMqsQ_Qm9G0GG4jbvrIkWhUApU216vJbKCnzEXsHXI55yDplbQ9dUEQP7YbVgyM_OZN9X4RRvntpVfSYJAQtXAYvl8fYtDLJkWDQD2vxf3BbmnglSv2wlt06zH3JEw&sai=AMfl-YScxD1qHGiBu5SgMuPwzRmx7mNBYn0D6yyIiKJHb4dhjFDzGcpRxBJK8sbkAmOaMVP7gYBPjhJQUfmq9WeBgF3Gnj_BaDD9iKIpw2rJ62UZuPBQAGyRsthR3tmvTQ&sig=Cg0ArKJSzFaUwAunEThbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Nov 2023 17:55:24 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01ZE3T7XP57151WV
age
471382
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
k9gB+Y29FuCyJHskv/394eW+LOyrVO+qIGhB9T9SBj9XBZsWz0mtij14fjN8fn2goV1aIx2T/Zg=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700502924.463622,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
579831
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01Z2TXEZZ8JF4AVH
age
471383
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
NS2Ow4as7ytlYWEYMfJ1Q7B4SNOr19XVQQpMwKelifcyO9+4eIHJ+x74kkTTgqn0EVOjr+aQJUc=
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700502924.462620,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
446658
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10143&tvi50=13123&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
87
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
68921
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1700502924.466235,VS0,VE87
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame 7C60 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=undefined&cb=1700502924197&uv=3358&tms=1700502924197&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=faf6ae47-1080-4131-b7bb-f2a07214b3e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:24 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame E41A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 20 Nov 2023 17:55:24 GMT
generic
match.adsrvr.org/track/cmf/ Frame E41A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame E41A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1700502924416
  • https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
892201
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame E41A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/c0f93223-cbb5-4583-97be-40ac58427f7e?gdpr=0&gdpr_consent=&_t=1700502924416
  • https://sync.teads.tv/um?eid=132&uid=y-zCW7pS5E2oQBOBN2xfiSGlNcVBklRxx8brE-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-zCW7pS5E2oQBOBN2xfiSGlNcVBklRxx8brE-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-zCW7pS5E2oQBOBN2xfiSGlNcVBklRxx8brE-~A
content-length
0
/
loadm.exelator.com/load/ Frame E41A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=c0f93223-cbb5-4583-97be-40ac58427f7e_eu_ch&gdpr_consent=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame E41A 		62 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=c0f93223-cbb5-4583-97be-40ac58427f7e_eu_ch&limit=1&gdpr_consent=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-200-166.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 20 Nov 2023 17:55:24 GMT
content-length
62
content-type
image/gif
474599.gif
idsync.rlcdn.com/ Frame E41A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/474599.gif?partner_uid=c0f93223-cbb5-4583-97be-40ac58427f7e_ch&cv=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.pixel
aa.agkn.com/adscores/ Frame E41A 		43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=c0f93223-cbb5-4583-97be-40ac58427f7e_ch&_tid=c0f93223-cbb5-4583-97be-40ac58427f7e&gdpr_consent=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.223.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-223-197.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame E41A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=c0f93223-cbb5-4583-97be-40ac58427f7e_ch&gdpr_consent=&_t=1700502924416
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.45.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-45-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1700502924
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame E41A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Server
54.76.38.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-38-94.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 17:55:24 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 20 Nov 2023 17:55:24 GMT
report
sync.teads.tv/um/ Frame E41A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&1700502924283
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
iframe
sync.teads.tv/ Frame D764 		1 KB
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
2896abc8066f2e67bd76e461833ac770dccd35e99ac818e4fae239ef33058d9c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
564
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:24 GMT
expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
track
t.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1076044&sid=174681&env=js-web&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pageId=154680&pid=169092&hb_provider=prebid&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&pfid=68&f=1&slot=native&fv=1289&ts=1700502924469&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-image-dco-b6088ce9-c884-49d8-a1f8-e88c9fce3992.jpg
s8t.teads.tv/creative-3e442a30-6032-11ee-be32-437230130e01/ Frame 74A7 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-3e442a30-6032-11ee-be32-437230130e01/performance-image-dco-b6088ce9-c884-49d8-a1f8-e88c9fce3992.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54ddabbadefd72b65defd6390140b6898251b5c08e6f74afd6bbedafd45c08b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
x-amz-request-id
9DJYS7YHEGG6RJSF
x-amz-server-side-encryption
AES256
content-length
159944
x-amz-id-2
T6kZHExtx7+Ja/d9da6QSWwbIylRK5ynRqrmetxR+8QGwufty/C62uMsaK7Jmu1nZ5g4/WrbfP0=
last-modified
Sun, 01 Oct 2023 08:13:19 GMT
server
AmazonS3
etag
"861354e6461bc8ed9545fbe2487be331"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Nov 2024 19:02:04 GMT
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
http-source
s8t.teads.tv/logs/format/ Frame 9B69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 20 Nov 2023 17:55:24 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&erevenue=3sWTI_HYfJDNVmuA1AVWNtKQ&erevenue_curr=CHF&fms=9&p=kAmVdg9wVK8V8ywxHMpbFf6SJsaDkxUttQANhh9cTPkfchybIbgTyolvmGmMRcXncLYMCcBgVRf6dDKaCQXQKDi0dRDRXC3Vrx2juZoQeaQ9z-WsUJmy9tbdX01kbo_WVokJAD_6OY-zahyW5l-VHkCnJnRoR8w5rAkKoiZOP7HtPEOCAOLBmsSvApVJRwBPj36yJU29XGMPO8spmAhOL-i9aj7FQaqcOsDs_9tJ60pxak8Ws040Yd_jXguNK4ksPcr7Rn6YJj8ikBc3hDucB9TJKPawQpPAUB5pRZ7jEy5qE4zwNnRE7Z0rFp4XB6AIwNFBSD2RpB4HUMPX4IUsFsgZnKshe0Cqk96YrHq5gsuXXA&cs=728008650062585514005&slot=native&fv=1289&ts=1700502924481&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
B30596275.377000711;dc_pre=CJqDi4aT04IDFQW7ewodjiICfA;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/ Frame 9B69
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CJqDi4aT04IDFQW7ewodjiICfA;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CJqDi4aT04IDFQW7ewodjiICfA;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CJqDi4aT04IDFQW7ewodjiICfA;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700502924249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
truncated
/ Frame 74A7 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6735 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
11201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:48:43 GMT
expires
Tue, 19 Nov 2024 14:48:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B045 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c00ab9d997786983dc74dfc8251f98c3b6208d795224cc67394784bdcab8fab0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lbCtti2ZDOMfqiA5zIiTGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lbCtti2ZDOMfqiA5zIiTGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:24 GMT
expires
Mon, 20 Nov 2023 17:55:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
im-uid.js
dmp.im-apps.net/sdk/ Frame 0485 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6568 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=6794
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Mon, 20 Nov 2023 19:48:38 GMT
usync.js
eus.rubiconproject.com/ Frame 7C60 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37777
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame D764 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1700502924501
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame D764
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700502924501
  • https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:23 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=03756b21-2b69-45ce-9f52-1d1a26c25b03&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
736383
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame D764
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/c0f93223-cbb5-4583-97be-40ac58427f7e?gdpr=0&_t=1700502924501
  • https://sync.teads.tv/um?eid=132&uid=y-phvMvChE2oTt9LudjPX.D2X9e47CcozqLh0-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-phvMvChE2oTt9LudjPX.D2X9e47CcozqLh0-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-phvMvChE2oTt9LudjPX.D2X9e47CcozqLh0-~A
content-length
0
um
sync.teads.tv/ Frame D764
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D19%26uid%3D%24UID&gdpr=0&_t=1700502924501
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.teads.tv%252Fum%253Ffp%253D1%2526eid%253D19%2526uid%253D%2524UID%26gdpr%3D0%26_t%3D1700502924501
  • https://sync.teads.tv/um?fp=1&eid=19&uid=7556108170959009897&gdpr=0&_t=1700502924501
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=19&uid=7556108170959009897&gdpr=0&_t=1700502924501
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
an-x-request-uuid
736dca9c-0fba-4999-8cc5-0f8770925011
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.teads.tv/um?fp=1&eid=19&uid=7556108170959009897&gdpr=0&_t=1700502924501
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
sync.springserve.com/ Frame D764
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=170050292...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Server
54.76.38.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-38-94.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 17:55:24 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=c0f93223-cbb5-4583-97be-40ac58427f7e
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 20 Nov 2023 17:55:24 GMT
report
sync.teads.tv/um/ Frame D764
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzBmOTMyMjMtY2JiNS00NTgzLTk3YmUtNDBhYzU4NDI3Zjdl
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&viewerId=c0f93223-cbb5-4583-97be-40ac58427f7e
Protocol
H2
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 17:55:24 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0C5F 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b71c49244aee8a08da6c1e087b08f7beb18116f845d5f093ae29cf435e922247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9F58 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-single-video
s8t.teads.tv/vpaid-builder/ Frame 70E2 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vpaid-builder/performance-single-video?1286
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
ef934b24218a6d9b7dd57b7a0241cecd8fb3899ee5ac35554dd462f997a252a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"1b523-XrN34wLYPOpZzUqw3rddUk7y1b8"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=4273
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
32282
khaos.json
token.rubiconproject.com/ Frame 7C60 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame DB18 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame DB18
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29832

Redirect headers

date
Mon, 20 Nov 2023 17:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
content-length
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 6BEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
28059
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700502925.705240,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
21836
get
audiencedata.im-apps.net/imuid/ Frame 0485 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HFPXYVCW3RJCWMGFZB9WK5B4
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
usync.html
eus.rubiconproject.com/ Frame F047 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:24 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame A0AA 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
189248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 13:21:16 GMT
expires
Sun, 17 Nov 2024 13:21:16 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3FD1 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 18:15:37 GMT
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		100 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 20 Nov 2023 17:55:24 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
usync.js
eus.rubiconproject.com/ Frame F047 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37777
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1706307
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700502925.816959,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
156974
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 		427 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
TM6A5JR15KMRX4A9
age
379008
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
WWxa5Yx6lYIC1hyCK1wBgSijKv3fJvw5DqBFGdy/3sBBnytkWsmbSBGlIc9sKVFHPXnxfssdpCw=
x-served-by
cache-fra-eddf8230079-FRA
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700502925.833105,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
468428
sync
am-match.taboola.com/ Frame 7421 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1dc56bc71d7e8873ce928c79210ef7f477d53dae75fe44c7a2a1409972431da8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 17:55:24 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&cmcv=&pix=31579697&cb=1700502924826&uv=3358&tms=1700502924826&su=3&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:24 GMT
content-length
0
server
nginx
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6735 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 14:51:09 GMT
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		224 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

Date
Mon, 20 Nov 2023 17:55:24 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 65536-16890123/16890124
Connection
keep-alive
Content-Length
16824588
sodar
pagead2.googlesyndication.com/pagead/ Frame B045 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=4222938272626077&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 20 Nov 2023 17:55:24 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1294016
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700502925.905630,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
231617
track
t.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pageId=154680&pid=169092&hb_provider=prebid&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&slot=native&pfid=72&gid=1103884&sid=174681&fv=1289&ts=1700502924893&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
khaos.json
token.rubiconproject.com/ Frame F047 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 7421 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7421
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/f8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33310

Redirect headers

date
Mon, 20 Nov 2023 17:55:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-zs5ZFtNE2oQ1qT5LEj3Nl7ncOgqtvxlgE0FsIg--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 8552 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:25 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
video.high.mp4
s8t.teads.tv/creative-5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89/ Frame 70E2 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89/video.high.mp4?1dfb11bde3fb061fdd3e9627176be97a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1de2341dcc701a1b5f992b44f6f6cc3dd701bd27121bb89e80b2fc711228347e

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
x-amz-request-id
DE7V995XKC4M29Z0
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-3463652/3463653
Content-Length
3463653
x-amz-id-2
28b7PrMw000rvMe3P9q9XZeRoVuXtKblMZSPBh2kp1tUgEkYy5rpDfU7hIn5hwNHsO5SoAO8/IM=
last-modified
Fri, 10 Nov 2023 14:00:01 GMT
server
AmazonS3
etag
"84c87d6f0c5523c5a4e55b836dd098dd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Nov 2024 19:02:05 GMT
usync.js
eus.rubiconproject.com/ Frame 8552 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37776
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame A0AA 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1535189415075483&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FSm-eTNE_RpT5zYgaUOwpEQ%3A1700506522%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=9A450DB1-193F-493A-95E2-6EB1441509E2&nel=0&eid=44750822%2C44772139%2C44777649%2C44781409%2C44795416%2C44802074%2C44802463%2C44803784%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=1700502925130&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&scor=1261896187953214&ged=ve4_td3_tt1_pd3_la3000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 8552 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
track
t.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-web&pageId=154680&pid=169092&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&slot=native&pfid=72&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1289&ts=1700502925160&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 6735 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yAcf_A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 17:55:25 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 70E2 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1286
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
frontend
s8t.teads.tv/logs/studio/ Frame 70E2 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1286
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
player-sprite.svg
a.teads.tv/media/format/v3/assets/default/ Frame 9F58 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 09:09:26 GMT
x-amz-request-id
8GEXNEMJ23FS12ZB
etag
"6a80cb691946e09ba579b0f8456aae28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, must-revalidate, max-age=16070400
x-bucket
0
accept-ranges
bytes
content-length
3379
x-amz-id-2
iEmgktUmzdb79wFJDJCBylLdlg3Yg0BgBM1GoTMQ4+Y65uheM/KqKt4/Vzr/3JMhwnSA5bAyVO8=
expires
Fri, 24 May 2024 17:55:25 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 70E2 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1286
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:2a3::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924323&cid=1166828&pid=169092&p=flI5cNJ373BtILLTvVvsa3TzITWECtni3Bp91NKzeH6fvfB9ZmkELV_fk_qpRSn2WuHhMOTf9fUBWu2zF8D4iKwjkrhNK_L3V5oTi87KKQzfOSDaCtpYDHmfYWneqQXV792Xs4C_K3-P94yQKKxa06lYeS3WbXgDgHISmBJjy4PqvHpXUjAKXo9cqyjyxbZOr9xkH0bYOLilIaMxw4l-VlxzjqYDRdFGQCsZwHcpyIfxMaPMG3cUxXsN8guBZ5VXJJ-dKspXyuN0BHubWDfctWpc8PPcB_iXrFE-auEwHYQsowcha1-n2j2A6bjZkf1s-bouXgYgRM10cspTEx4gcv56qLV09EPoXXX4_M6RLXQtlA&cs=-57702203019308085505&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
studio-t.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studio-t.teads.tv/track?action=studio_impression&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&random=83379722&&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-245-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=start&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&cph=0&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924326&cid=1166828&pid=169092&erevenue=OXo3CyzcN-m7hKmZK_B72VJN&erevenue_curr=EUR&fms=9&p=TtxZbsV71y8mSR9DP5l8tKF5hO2JQuDDOL_5UMr0oXeA1S9RCKilRqXnZLbZRvi9-Y_HF-Wejf9FMkGVPHLOXaOrWyoz-XHcCeb7b8Cf47U9b8JuIlp6AJMytiR1tCs2xkUjp7u-V9U4XoKlfJJhcYSbs8oHY2hpo5Zo4zJBj_DHrix7dXjV8ZSyViSfKW1FfVtaRgfT0QT03dWSpZ1yI84qTsKD3XIm4QVbqmGT2-2ZNrtH2UvYdVzV2_8CEm-Hqrt0-W9IulNAHL-Hv6cSekMih7Ms8_69CsBkNi8njDnll0hlhku26YhVCRi5ihMSh4HeC0UMOXP1aoPioAw_YjwMeqV2w5lSv9nnfgKj1snW7w&cs=580071048040233832305&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
inview.20190130.min.js
js.genieessp.com/j/ Frame 0485 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 06:15:01 GMT
server
nginx
etag
W/"5c650765-13cd"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Nov 2024 17:55:25 GMT
jstag
genieeintl-d.openx.net/w/1.0/ Frame 0485 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/jstag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8e452f4ebff3437beab67c1ab37ea1331d0d801c65fed2ad9c6ca654bfb29280

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18067
expires
Mon, 20 Nov 2023 18:55:25 GMT
gl0
ialaddin.genieesspv.jp/yie/ld/ Frame 0485 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/gl0?zid=1551001&asid=11030163&idx=0&cb=a0f2bdb0c6&l=DgQ8_Fwo4DQd-a2lajsIje7Tko34j7XAit4wdZe6jBzuUF5K3K4c4Fv8s-8TEBD1wFxT_-KDhNSXNDUWjCvxYl-x52QFNGu8jPSOSjGDaaFN6AV76aTZGuykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnDEwACsZa8MGOSYoRZ3LV6SEYZgzCIVX9ou0vjdIHsetLsiKGyhsryv-9sG9pvUlzq5I4DIcpWghLOEEuHzhakPrQSAQHSNu1GY3n1-5bIa3XKw2X7BK5cx1KAh4RYKCfSPJ63cAekfrtVAzbO6TyaBpN2D4VTugnLQJT4zQsyhlO008mdIz-jBIS7EHTgiC6M3BsaPy4TByfAJUx9NoT_NKyZK731KCtx3oQRm5LaIDw8Up1gm64Pw5G3IKJr2SzbfWzRBLQ4bfARAQ7qWk8udiwNlykgsVdqVfWERqAczQIh-KaWPokdxSpFm0HfkdQWeKchWY6dVQyN9uvtAU9-NF7bEmJ79s3GdWcgT45gkgQPcF142lCQKmlcTqoPXKamx_ZmLpZIctfqxxSIV0ciug_cYdbldmlmstOK6kCB4Wi41E2FokN9xLHiEXvwi8CULO3IAMy2_zVvgpsXMNI7k
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame 0485
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=ef5a6cb8f6f6993411e2f080255de18d
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=ef5a6cb8f6f6993411e2f080255de18d
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=ef5a6cb8f6f6993411e2f080255de18d
date
Mon, 20 Nov 2023 17:55:26 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 0485
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAyBFaRei72BmYKxO-gTZdVaJTrqZ7boBHAwRstMXbAxIA5StOEdDK6zXk4uJJZZfcQ&format=gif
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAyBFaRei72BmYKxO-gTZdVaJTrqZ7boBHAwRstMXbAxIA5StOEdDK6zXk4uJJZZfcQ&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybAyBFaRei72BmYKxO-gTZdVaJTrqZ7boBHAwRstMXbAxIA5StOEdDK6zXk4uJJZZfcQ&format=gif
date
Mon, 20 Nov 2023 17:55:25 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 0485
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5p4VRfLTDksQfKhV6VBZeWWgvxDTYGW88g7Vqn7IBBFgBfuqsmaE_NK_nQe50reeg&format=gif
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5p4VRfLTDksQfKhV6VBZeWWgvxDTYGW88g7Vqn7IBBFgBfuqsmaE_NK_nQe50reeg&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5p4VRfLTDksQfKhV6VBZeWWgvxDTYGW88g7Vqn7IBBFgBfuqsmaE_NK_nQe50reeg&format=gif
date
Mon, 20 Nov 2023 17:55:25 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame 0485
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=h0w6yiNGBI6SGBXcjp1bZQ
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=h0w6yiNGBI6SGBXcjp1bZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 20 Nov 2023 17:55:26 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=h0w6yiNGBI6SGBXcjp1bZQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
97
csi
csi.gstatic.com/ Frame A0AA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp77jaga&c=6203088597410&slotId=3101544298705&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C5F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkRwx0ciJqXPXx5DDiC7OAwAIuWq2mXuH1622sfiFnSlRmZIQZR4G3bsVbhonJ0DKgN4Ty9__TgSot9UCgD5WPbscaXldz5cNzynlICRdtFxckFQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C5F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17457273722317361139&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0C5F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0C5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
11212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 14:48:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0C5F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 0C5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwpFmMD5RnfjVLoEKtNGhc-63h-RJdd96z_U6sBZTS32Q8URvDrafCiojZu1N1OkSECOcTGTWyuGRU6p6DNAmeicFejw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0C5F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 17:55:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E77E 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX1qVnirgspmjqDNsQIcG7ZW8staNVFNiIN6LbpKrWQJu2FBon1QpahL2Fv1cMNZdxir-hmDfEddKao7x31XJEgPM-fCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 17:55:25 GMT
acj
genieeintl-d.openx.net/w/1.0/ Frame 0485
Redirect Chain
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&auid=559...
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&aui...
495 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6e710f2efbf965a6b3cdaafe51ea36f8a9bf30d31420c308a48c940e8e0630a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=cbe53081-409b-4d01-bfd7-a7beaa670673&o=4587792331&callback=OX_4587792331&ju=https%3A//www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
date
Mon, 20 Nov 2023 17:55:25 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame E77E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX1qVnirgspmjqDNsQIcG7ZW8staNVFNiIN6LbpKrWQJu2FBon1QpahL2Fv1cMNZdxir-hmDfEddKao7x31XJEgPM-fCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E77E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX1qVnirgspmjqDNsQIcG7ZW8staNVFNiIN6LbpKrWQJu2FBon1QpahL2Fv1cMNZdxir-hmDfEddKao7x31XJEgPM-fCQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZiDriUfiMuQVSIEz1enXS1GZ9QfZxfFoqCnrZxzbTzfi9s8NpIn1OMwUO1gpGa%2F3XZAhi4swSjyb%2FbWUWSy3gm9W%2BqCNKuVZAoOJsGZZKmXlIPfZG1S3IouWX5BeR%2BoEMCVkQT8%2FwJ7WA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
829290548ed765b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E77E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVudjV.RVDLcnq5IycOZiAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1&google_hm=2
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX1qVnirgspmjqDNsQIcG7ZW8staNVFNiIN6LbpKrWQJu2FBon1QpahL2Fv1cMNZdxir-hmDfEddKao7x31XJEgPM-fCQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdnGyAHdsPXFLGGPJCOH5igR4uQnevX5aawwwy56IYobpEMvMUkXhYtKGrT%2BHRyt8MKcsNS9VcYVLdxAF4gP0pwmJ2B9Qrc8I4P6DxuU9V7XQzK0A%2FepS46xX%2BZ1mlg3T%2B9LDfCY%2FGyNFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
829290552ed937d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNKxwzyknnU7kP0U2OTmn0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 36E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5CoYplq9WWu0h1kwJrYHCzAnEGch-DsK5loj_Ulx3LT1xsdymTyf2_EE3Rlobj8GLXvu02R4fPIZYywqs6sUcNP0rlOJZk_g7auR35ez1J1gbc-4Lghud_Omtpre58RReB2wBNtw8vw&sig=Cg0ArKJSzHL9RyqIZEMXEAE&id=lidar2&mcvt=1003&p=60,295,310,595&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700502923523&rpt=920&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8530971340121&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8530971340121&version=m202309260101&ct=77&x=1&cor=17457273722317361000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0C5F 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNgydLthLuM9IXuMVo3fVY1wV_jrcN6yXJNiJwKfWYTv0ryCUrOmd4ibnszxzZJumKlbMvgRXfnqtRAq3UdwBHRsf09WKoHqp3dtEMkwMsoI-auZZnSPePKQMsIfKsLgv8y7KnQYiOUa-zqq36LxTgg6WSGPppiP6xhVYzJNN19nbkrB0&cry=1&dbm_d=AKAmf-BlrT-onHEy_bQ-wxfoVQiQvr9fWYpAF2tg1vkB5vTTFk7--5DgWqV1wItnoJQazO8gMgFS-7seDwdMxegF5IslyQ5n2yKQj3jha9xLD3EJ94OkxGjkfDC23G_5zbf8cwds6Bc3raT6YGcMzWfiOawTuw2FV-cP3l1skQVSTRBHfRKPadA2XpNqoJInzeZXvkjNv-dRs9t2PrvuJdlsdlORV8i15TuV0eJvmZVYX08t2dQtZPiVYmzWDSW7remBwYQZpNp4BuV84g-A6W-L3QhU2ipfQHCJgDOsOBNFHPhmPBolKYVq9qQdLMIRQKIICBX4fxdGhSaBQ9KrZ-_LvnWPEmk_ab9mQ56oys-shrqrkDilgm8LYpkxpCH5Jc13JIwVhaeA1sIF68eWHKTcFavXPoRnIqOYz3-Dm_OSOOTLUlv2o4kz5F_DRKOvZ3vj42ZsOCDP4QOgBTObel0LeillzqNTC7im_bLMXhD4FaCECbNVXvJO2zNKcM8iLkw1LEarz_LtHM6hG7gBPdjV_8RhuckGR_tTRvBQ-ZhbLtNuZQNJcatso3_nGpUYzPOeAvFho_zqwnROUm38EmKfxV5R20MpI6e25RckQImnEjEcJZrG7ZZrItwZxU36_gToYrhCsoIzUg8wkEW5Kv7jSQnN4l3JqwD1HNtJqOUfQU1q0oc-BW8K8l9BDk3wqDGRG7tZ837pz1BABONBQq8isOh1QTAQA7MGSMxBefgDBQwxlJ-gwUPak-OzJiOTeJgb72K5kCHIKp9NRKnnCL9SOFRvqAcGCIVysERcwg78F-5meH68cCaXmsILV9iqSz8qCugkWNn7E-NMVBJobx-AJn5BWLnumxQ49bkHW1hrcHgcZfxtSuOcNlT6Y_O4xjfgUkjTyjQpBRk7gkHejL8EAcM9JvHS3jJEFbiI6Hw6sTLhr5iaR6k7jkzAJElT4CxNIaTexGqMYSS-GBFO1HtUelSfvqxJjuvAem_v0pIP3onGpUyOm7SVAImvpJiclle2lXgFLlcfhrmffz69mL0dzF90lNSVLl8RvUZdCsEt3wtlXMDh3EyRD5iM4up-0UbmPd-lmFTHVNyelEayPX4cYsGcw_pAbifmjbkqziueBek1i5ykyFX-OGsB_jKbFsq_JlDFRIkR67ddXEGfk91RiI58KS9TZ6FWLw59NqA-7_b7XapLDJoj-gwSJ78zu_lBxaJgt2uiu7C-Gv2EW2qUuivbusx27lXPO1Qi8ivRo9jJdy-JaRqWjl0WZymcPlMXAI01s-yWmnpZR_Fkr8fGob10nIWxRcIJOsj7oJzZ30gejb3DcfmudfHkqRHfUswzlF4j2NXX3nYenbmuLdUjlTF9eIYQT_eM4rSsLGYjGTUR1wwqnOIou0Yy-QH2og_NTHTbZeGieNEG7itIDZ6HIep2j_aNrIFFV_LRl-Cvqs40d7bgr7D7hsvCa2up_vIs0GZAzcfbAfvmGBWQg5SbNFI6CIGs1Ma77nEQgf5JT-Y9WUfympTCXwm0b_J2oEY3BWQtszO8mybLE2ZOiSohHS2cFPKAMWWa1QEPf707-q8rf6lUgf6QVDEArHqtN0w_IoAVNjDuRJyJcWynD95F3O9cuPXsP6MA6vu-4fuad80Kyl7xg0HTQHGxPMYisTZF1POdnYTWeFBOw1nwR0SWu2P8Xw-F7lNbKp9aOCncFj3zs596rM5mr710ctbF26QdtSGzVGxEbslVkMo0SJjgaLEtI0NVaCeQhmM1ADoVC_JeKhyvZqm6ic2J_D5SVgT1biLAmK-Q2S6KyQlHfBV4C8pGgVzdwrUms_IP0HZw4Rq6vIlUu1A9SNazsyR6aFldZnLVT6FYVNVYMNJVbyDt76fdiCcjtETZ-15af4IPKJYly4NhbKksGizcBB5jFE4zVDcnuids9QYGOetoMfxAJfAXEVR579msBAKIUwD004wNb5jTrJ_rLU-g-Xt46EWay98Xqo7MN18qzgxGtW8MjBP33iyYyA_7fZlv0u8VN06nLqyS9rr73T-QnwuAsRlPFZACeK3ajESAdLwR4Hg8ObQ6CoDFuBQLxniCDUpdiwHX2TU6CY4r-b1PGJSzG2hNrJkvMTUiibo3ikKmvj_y3VKWXeZRveVpDQwtpxkmUbdcdQSNmp717q_YWcgkcmFZc86bHMD1KHREm9Rt8aSBdLiNGJK47yO2vRIqqd_klcfMokll1_VV5_dSL08c3YW3wyl-vrvRvAtDNGAAgH_YsXhRPpbAfElggRpYqP0hyxiB5VLu_r066NAmQCiUJwbrOgkr9lUz0mfq7mtQCS1l7LeVg6GDZRlR86i7SxVhEHfIcZH0yGI23Zp4XnB43Npw1iyqd4OheeuiJEgXs2ljedN5HaqNAxChxOjx-WiFjM9VLrCCp5MFf0h0VpM79atMVzQvjPd4FfRdjp4-DIxjDV6Nnd58xRLi3kzRR8pq-dp0aewUNcZYr2PUhajYTg-hJ955waH27Pn5eKmUqtToueoduD3PLIjBmcJSDmt0v_dW6LcQn9-g86rI5o185485lDsyK8irfEX_2Nz78XxCZFUTIFXTu8id3gTxyZfPUvaSUVnPpbRhAv59tSQRwVx2Du2Z70a6rO0DXa358teyHWqjPNJs4adGeBy-xl6jvOIo0PXV9oRKwb8QoEtgKy-H4ZFcapJY4SEi1Re2i_0dyMEjMVVgb-U-4NaFmQ32JvnsB8fXF7Ey_Kz4ea8sEhpwWS5bqGMhR52dtGvA3YmjkUY8CsheUpf4Xh4P2LAbV5yQAKdQKdTDE9d6mIvTzBa86y9bgbP1v0wzRPfqeMape-BNz0SeHHhHfc4X8WdyUIDM3OvK2vpM5tDJzlVQRqrT8yhIRri7dOdIHZpOkw8vB5DlRS6REt8Dxn5duyHXROB2emBGdU6Kggi8ZIeTT6v65TA5eL9DvsrGgxDXppyDVBU8kyRjcQHuWwuLQmk4eMwXoT-aNwPDh1ZtD-HUYGhzPVIykUVd5WhH4bfLNP84mBkuk-bEB0dXZ44Z4Js9SB0hkRkqAKI2my4slCuMdyUh3hgNCzdVC1zBXEyJAh1eFEop0AQPGT8342oH2Q40ZADEoKpC-RJn1BZNdcGQ252tsMhtYY23muujGG0CRNR9EEnRdJYZw6PmnOMB_50CYwgvelHJaE1kRrWShOFl7wMxAr4Aw0usrV-87F5q61go0tb5iTj1pIPKSwq1FDu3xydNjyrmjxfbK_8TzCMlihCGoy2KWLXpwwNShylTIbS2xpC2rCJT3foYtleuaB8MrfqOOy4lSguU54Q-1daYYGcAppD8NEyiVWUMa6CSGMQ4eBHy_RtLYQDaFOmuWLjZP6PFitIYXwF9EKZaP7X7OzmnjV2vQmbru6TdpEIsU8vzn5vKHplv8NUzEdYxFOMc53CnvhnizlSgdQZJVKpO_V7GqUYp4-X2t_Cx3V5V35NHk4DKGmAE0oMDNQD57iSP4q17Bl8JGC75UxQmFyEiEwqHHBA6U4mjx7UWwf1e8otm3_M9-8p_2-Nn_pEO6W0ulyerlLlsVMVibb3BKl8gjyHkKY5thc4tZRVj50HHvchveSIMhq4fw0FHo1oZWa9ES624d64flWL1n9xFhfGSdcBcZV1grb8xWh_lbDgIuSSJ_OjlfS6FytfIqq_oeL7mI0gfC2AEuRBilYTtMHlSL7AWuq1-7RBOC6LPaCtoYEKX8G0KZCLaj7KglJUF2iHI1MdEoNn-EI00jUdvoDgLlhyIITklSip04mFXpa0KGcaQ3ZYd6pOADXfOnhWdvwdnRxzigDy1ynxdqFcBoFNvDNvl4f_rYI6sxInS6HkS-b8kKCtvu-nFVrG9euvjlWEL2h9fEhnVry2eGkPrD6zS_1r9MKr8jgDY&cid=CAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=17457273722317361000&adk=676413724&idt=93&cac=0&dtd=42
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe8352f202b554ab7f2b5f7227faab2cd2bcb35412e138cf88e3adf9ec6c75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14003
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&p=4gX7kEpQVp3ldW9ATJNNqbscPpRWxUzEcshyj4CV3mfH975qTsaRglTn8pbIIE_A8ZnrswMoXdZTViRbe-kyaVGnldm9Udxlyfu1yXmXV-jWrf8Qi9v5dmTiVzNva2Lpxf5HcWBaYXPZi_4U7Ki25Bf7b5zwKoand_Z9CZln3nvUDLX-n9rSxGOxyhMxtDgBVEULCguIdNi-o1LzW7j34tVSS8hQYwg405vkVqpnda_byY6uGrn_Uzo4roq7Ym66eyT9tPfzd2s8_T3sf21riycHvDTLBh3mvNF3NDBCOKXu3Ymz17cLnrLI_zVLy47k83zcsTPyHEYcV9u479y861iqcHgAigMslDUWJySjDZixTA&cs=300946499242341926105&slot=native&fv=1289&ts=1700502925519&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0C5F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNgydLthLuM9IXuMVo3fVY1wV_jrcN6yXJNiJwKfWYTv0ryCUrOmd4ibnszxzZJumKlbMvgRXfnqtRAq3UdwBHRsf09WKoHqp3dtEMkwMsoI-auZZnSPePKQMsIfKsLgv8y7KnQYiOUa-zqq36LxTgg6WSGPppiP6xhVYzJNN19nbkrB0&cry=1&dbm_d=AKAmf-BlrT-onHEy_bQ-wxfoVQiQvr9fWYpAF2tg1vkB5vTTFk7--5DgWqV1wItnoJQazO8gMgFS-7seDwdMxegF5IslyQ5n2yKQj3jha9xLD3EJ94OkxGjkfDC23G_5zbf8cwds6Bc3raT6YGcMzWfiOawTuw2FV-cP3l1skQVSTRBHfRKPadA2XpNqoJInzeZXvkjNv-dRs9t2PrvuJdlsdlORV8i15TuV0eJvmZVYX08t2dQtZPiVYmzWDSW7remBwYQZpNp4BuV84g-A6W-L3QhU2ipfQHCJgDOsOBNFHPhmPBolKYVq9qQdLMIRQKIICBX4fxdGhSaBQ9KrZ-_LvnWPEmk_ab9mQ56oys-shrqrkDilgm8LYpkxpCH5Jc13JIwVhaeA1sIF68eWHKTcFavXPoRnIqOYz3-Dm_OSOOTLUlv2o4kz5F_DRKOvZ3vj42ZsOCDP4QOgBTObel0LeillzqNTC7im_bLMXhD4FaCECbNVXvJO2zNKcM8iLkw1LEarz_LtHM6hG7gBPdjV_8RhuckGR_tTRvBQ-ZhbLtNuZQNJcatso3_nGpUYzPOeAvFho_zqwnROUm38EmKfxV5R20MpI6e25RckQImnEjEcJZrG7ZZrItwZxU36_gToYrhCsoIzUg8wkEW5Kv7jSQnN4l3JqwD1HNtJqOUfQU1q0oc-BW8K8l9BDk3wqDGRG7tZ837pz1BABONBQq8isOh1QTAQA7MGSMxBefgDBQwxlJ-gwUPak-OzJiOTeJgb72K5kCHIKp9NRKnnCL9SOFRvqAcGCIVysERcwg78F-5meH68cCaXmsILV9iqSz8qCugkWNn7E-NMVBJobx-AJn5BWLnumxQ49bkHW1hrcHgcZfxtSuOcNlT6Y_O4xjfgUkjTyjQpBRk7gkHejL8EAcM9JvHS3jJEFbiI6Hw6sTLhr5iaR6k7jkzAJElT4CxNIaTexGqMYSS-GBFO1HtUelSfvqxJjuvAem_v0pIP3onGpUyOm7SVAImvpJiclle2lXgFLlcfhrmffz69mL0dzF90lNSVLl8RvUZdCsEt3wtlXMDh3EyRD5iM4up-0UbmPd-lmFTHVNyelEayPX4cYsGcw_pAbifmjbkqziueBek1i5ykyFX-OGsB_jKbFsq_JlDFRIkR67ddXEGfk91RiI58KS9TZ6FWLw59NqA-7_b7XapLDJoj-gwSJ78zu_lBxaJgt2uiu7C-Gv2EW2qUuivbusx27lXPO1Qi8ivRo9jJdy-JaRqWjl0WZymcPlMXAI01s-yWmnpZR_Fkr8fGob10nIWxRcIJOsj7oJzZ30gejb3DcfmudfHkqRHfUswzlF4j2NXX3nYenbmuLdUjlTF9eIYQT_eM4rSsLGYjGTUR1wwqnOIou0Yy-QH2og_NTHTbZeGieNEG7itIDZ6HIep2j_aNrIFFV_LRl-Cvqs40d7bgr7D7hsvCa2up_vIs0GZAzcfbAfvmGBWQg5SbNFI6CIGs1Ma77nEQgf5JT-Y9WUfympTCXwm0b_J2oEY3BWQtszO8mybLE2ZOiSohHS2cFPKAMWWa1QEPf707-q8rf6lUgf6QVDEArHqtN0w_IoAVNjDuRJyJcWynD95F3O9cuPXsP6MA6vu-4fuad80Kyl7xg0HTQHGxPMYisTZF1POdnYTWeFBOw1nwR0SWu2P8Xw-F7lNbKp9aOCncFj3zs596rM5mr710ctbF26QdtSGzVGxEbslVkMo0SJjgaLEtI0NVaCeQhmM1ADoVC_JeKhyvZqm6ic2J_D5SVgT1biLAmK-Q2S6KyQlHfBV4C8pGgVzdwrUms_IP0HZw4Rq6vIlUu1A9SNazsyR6aFldZnLVT6FYVNVYMNJVbyDt76fdiCcjtETZ-15af4IPKJYly4NhbKksGizcBB5jFE4zVDcnuids9QYGOetoMfxAJfAXEVR579msBAKIUwD004wNb5jTrJ_rLU-g-Xt46EWay98Xqo7MN18qzgxGtW8MjBP33iyYyA_7fZlv0u8VN06nLqyS9rr73T-QnwuAsRlPFZACeK3ajESAdLwR4Hg8ObQ6CoDFuBQLxniCDUpdiwHX2TU6CY4r-b1PGJSzG2hNrJkvMTUiibo3ikKmvj_y3VKWXeZRveVpDQwtpxkmUbdcdQSNmp717q_YWcgkcmFZc86bHMD1KHREm9Rt8aSBdLiNGJK47yO2vRIqqd_klcfMokll1_VV5_dSL08c3YW3wyl-vrvRvAtDNGAAgH_YsXhRPpbAfElggRpYqP0hyxiB5VLu_r066NAmQCiUJwbrOgkr9lUz0mfq7mtQCS1l7LeVg6GDZRlR86i7SxVhEHfIcZH0yGI23Zp4XnB43Npw1iyqd4OheeuiJEgXs2ljedN5HaqNAxChxOjx-WiFjM9VLrCCp5MFf0h0VpM79atMVzQvjPd4FfRdjp4-DIxjDV6Nnd58xRLi3kzRR8pq-dp0aewUNcZYr2PUhajYTg-hJ955waH27Pn5eKmUqtToueoduD3PLIjBmcJSDmt0v_dW6LcQn9-g86rI5o185485lDsyK8irfEX_2Nz78XxCZFUTIFXTu8id3gTxyZfPUvaSUVnPpbRhAv59tSQRwVx2Du2Z70a6rO0DXa358teyHWqjPNJs4adGeBy-xl6jvOIo0PXV9oRKwb8QoEtgKy-H4ZFcapJY4SEi1Re2i_0dyMEjMVVgb-U-4NaFmQ32JvnsB8fXF7Ey_Kz4ea8sEhpwWS5bqGMhR52dtGvA3YmjkUY8CsheUpf4Xh4P2LAbV5yQAKdQKdTDE9d6mIvTzBa86y9bgbP1v0wzRPfqeMape-BNz0SeHHhHfc4X8WdyUIDM3OvK2vpM5tDJzlVQRqrT8yhIRri7dOdIHZpOkw8vB5DlRS6REt8Dxn5duyHXROB2emBGdU6Kggi8ZIeTT6v65TA5eL9DvsrGgxDXppyDVBU8kyRjcQHuWwuLQmk4eMwXoT-aNwPDh1ZtD-HUYGhzPVIykUVd5WhH4bfLNP84mBkuk-bEB0dXZ44Z4Js9SB0hkRkqAKI2my4slCuMdyUh3hgNCzdVC1zBXEyJAh1eFEop0AQPGT8342oH2Q40ZADEoKpC-RJn1BZNdcGQ252tsMhtYY23muujGG0CRNR9EEnRdJYZw6PmnOMB_50CYwgvelHJaE1kRrWShOFl7wMxAr4Aw0usrV-87F5q61go0tb5iTj1pIPKSwq1FDu3xydNjyrmjxfbK_8TzCMlihCGoy2KWLXpwwNShylTIbS2xpC2rCJT3foYtleuaB8MrfqOOy4lSguU54Q-1daYYGcAppD8NEyiVWUMa6CSGMQ4eBHy_RtLYQDaFOmuWLjZP6PFitIYXwF9EKZaP7X7OzmnjV2vQmbru6TdpEIsU8vzn5vKHplv8NUzEdYxFOMc53CnvhnizlSgdQZJVKpO_V7GqUYp4-X2t_Cx3V5V35NHk4DKGmAE0oMDNQD57iSP4q17Bl8JGC75UxQmFyEiEwqHHBA6U4mjx7UWwf1e8otm3_M9-8p_2-Nn_pEO6W0ulyerlLlsVMVibb3BKl8gjyHkKY5thc4tZRVj50HHvchveSIMhq4fw0FHo1oZWa9ES624d64flWL1n9xFhfGSdcBcZV1grb8xWh_lbDgIuSSJ_OjlfS6FytfIqq_oeL7mI0gfC2AEuRBilYTtMHlSL7AWuq1-7RBOC6LPaCtoYEKX8G0KZCLaj7KglJUF2iHI1MdEoNn-EI00jUdvoDgLlhyIITklSip04mFXpa0KGcaQ3ZYd6pOADXfOnhWdvwdnRxzigDy1ynxdqFcBoFNvDNvl4f_rYI6sxInS6HkS-b8kKCtvu-nFVrG9euvjlWEL2h9fEhnVry2eGkPrD6zS_1r9MKr8jgDY&cid=CAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=17457273722317361000&adk=676413724&idt=93&cac=0&dtd=42
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
258617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDUwMjkyNTUzNDI0NwogIHNlcnZlcl9pcDogMTM0MDU4NTMzCiAgcHJvY2Vzc19pZDogMjI5ODYzNTQ5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 0C5F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDUwMjkyNTUzNDI0NwogIHNlcnZlcl9pcDogMTM0MDU4NTMzCiAgcHJvY2Vzc19pZDogMjI5ODYzNTQ5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1MzQ0ODM4OTA0MDIyMzcwMzQ1CmRlYnVnX2tleTogNjE1MDYzOTYwMzYzMjc1OTc3NgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjAiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjA1ODkzNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjI2NzkwMjA5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE1Mzc1NjM5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xda9de688f944e2040000000000000000","13":"0x4cb03e810d1941e50000000000000000","14":"0x96bd9144510d405f0000000000000000","15":"0xf7ec02a7ee5236a90000000000000000"},"debug_key":"6150639603632759776","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"5344838904022370345"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 0C5F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7dacb1297f2e382c6e2d599a785cb0a54ac937db2230d779f0ccf60c04d359a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4219
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5355 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
161740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5355 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 14:51:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F2DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=4222938272626077&bg=!hoWlhcrNAAZxrfrxUa07ADQBe5WfOC6Eb6c3W7J_z9_WbMG25Yb-OcQt_dqi0qGN5_aMzWw0BjtzxDAYvmbFx4I--b9jAgAAAOVSAAAAA2gBB5kCxccFnkVv7JWRenajxJ5DQMShL2qB5dEiCGI5Q-VAX5uGwoRC5962W0Ag6UkWVP7XHnKGNOzxy6DbvshUhXHs2tkaeorFZ3DfITlI_EC5L4GpMQUzvmz-03VR-cwO2gNlcPESYikk3gk50Ehq7jrseCd-IH0cXpdIovfHl7moG1eJBmlYyyIEa_sKyNcFRzaVDncVbANRuRjYgp0pZCObHV4qc1-TNIuxcebnr-aRwg3qsEUFamMHW-fwfAGE2Zs7TwjXew_40iF8jzeOWDHbL_CRgIFXJBAnpm1lcDeUdNZrYvLfb_yykGP-wCPSho6tGXu5snXj-kvZcDjq-V-WsCubeFseHRcMmViBOLJDi-VEXmJJoT0D2X-y-s-jHw99s_Sv6kS_O3o-WOfR9QcTOcw5qC2-y4XGDY8O-IFNeyJfjvtOYrNrMSXU_L5KaOxWxATIe-A5HI0Eti5NtNmc3Q6pWgApe_2wXGtaoK-zCWC4v-smJWmF-8-cFWIBpbd0WAkKRK8PnrTlmBRDs2W65ieF1EHSNkN4jICEsdQ4LNO8_qB4RaBv_o6tuSsa8rSHG2hu-6i3bjlqf3pk2LWCXDofS7WhPq11fPNDUICWxUp--E1qSJy-Ib-L87iWuYH87vzClszPVpyXpcf4quFnEK2DROAXDPBVlZYhiPBDh3GMr_hiMsEz2qDbviOZrdZxynOHfBfb_JOW4e68u6bNRfZPTdbVucTBvBUnB9IOzwCAxH-XgOwVxpFFAzKjHjikZgIH5gWRebJDJqJWRlBKe9mljTV1fe0RyFSiLLuIX-HUUWmziE7EwbNgN4v7fbvOhzLsrrjSYWX6bfWEc_k8Rew5jRieIr_fOSLCc0W8rDyGV5dQ990aUfiQowML9qq_OQYXOe0V0KdpM3zYf0UuaJ9YigGocKZ_UTdpGNZ-nrhJpRjY_F8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
request.php
hal900014.redintelligence.net/ Frame 0C5F
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9987880087328&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
HTTP/1.1
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
7b3739b1ecad291016465b04a1577de84581699baa454127c054c1bf7ae6c432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
16595000168376004438458012514014
Connection
close
Content-Length
332
Expires
Mon, 20 Nov 2023 17:55:25 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:25 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9987880087328&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 20 Nov 2023 17:55:25 +0100
480_650.mp4
cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Sm-eTNE_RpT5zYgaUOwpEQ:1700506522/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=196608-

Response headers

Date
Mon, 20 Nov 2023 17:55:25 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 196608-16890123/16890124
Connection
keep-alive
Content-Length
16693516
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5355 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2TPwjZ1bZefNIKWk9u8P68mJyAgAAAAAOAHgBAI&bg=!DA-lD0DNAAZxrfrxUa07ADQBe5WfONcS0T2a1IRlMuJgE1CDjpr-vrrxKA-ik1G3zdrhqeIiL_S4Iz55gJUdgNQOVYNpAgAAAIxSAAAAA2gBB5kC-ZdmC7NHQkmms0Ouwlh3zDwP9ooh7kpvQv8_9r-ReBTz28W49biYn2jcJB63f6-D0jSmn9zFBWEnJiFm9d0h0xhbdrP0egZx6L2BWYFUYowhwpnwXrH1b1_T4eG3FesRNmoq7G-0MwcOIvtmIX0--vSHtrar6iRl6gQFaWWCW4K5YvjsZW6gvvS99N6QBiqyyWBMiI691Y701EOIORaInoJaP1wUM87EO3Nc0_Yar93RGnbGn3WPfODMsK6B00bZJaDuMe2IfAqIECmpjB8q1oRsrhbMK1leSHYlIDtE3pc5hhH3s41kclf5bNmR9ow7ttTErob4cIdmK7B43JT8eDRAGNeq1-K9LMWCEV8UqkDL2DUCAsTcJaYl4LIqJxG9iEWvFBk86o9UAeVDZI1eWp_s3kuCczjpfoDokBsxVB30YYEYn6Yp8ZJxBqwwQTcLtgTmopLNGvcfjJk_atbdo9axNjyiQSE8-VK58_gZxFwdvCuBDF-KqALc1cH49-VBWbKMWv_WI8UekmTaYT8ZfCdMVCTbjNhyloh3buKtyDTlT-DQgR87urmm2H19sDK_2B8UTbxet4CvMg1D0siQrthVA0ibyu-OcMGRO0Ni9fbSPIIoYv06SgNokgSv-9WoPQ1uWwZ-sBLJwxxBQT7hOtX1G9zksawnVCO4dwYbwFhtKTOwxlijLyLht5Xqaee9SiWC59xnY-e6C5MSZn2t4P2NiPTIjD36_6VFNHKK9j0Q6fGxUoh3dUL54EcyjP9vbUdA44HYRHSBjfX3Tha-RGXlyuGwrKLZQf_kTo8x1Fahxc9Z-f1-Ruo6YEKd3_jjp6ny2q5wMe6wWmmx0yUyEohSbp08OccRF1YEJ8DEUrQkaepEk5j7uZ8W-H9eXC4RUufJaBMSFVq0TzOv29k297dpgkuqI6wDGsHfhKgmmZPXcAXpn0zMfSdJnu0vwL90EajReiDX7MuGM6DTbQs_132eryjm5RLUeiyT4wjVjM5Wm5U-tggnoqQv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900014.redintelligence.net/ Frame FF1F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=16595000168376004438458012514014&a=6079f4fd
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=13538040ac&subid=&uid=d63923d7dca1515b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkQmZjJ1bZbbZK-vsn88PyoGO-AWRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAmUsfi4iU7I-qAMByAObBKoElgJP0FZ0O9mn3sOsEMwPZfZLExIe3OIZq1EJluD1whF-d0jbt8w6kJa_EPbgAQAmTozQoUmWkWRy1ZpjjIaqaoyN-HRh6654co64kGiLcOBALqBv33NObnHOb-IlqsJz3FnNLy3LEhkvVO4fQUt-8oSJACMEfi9XGHkU5aI10UvY1ompbNaJ8ljIStpZ3piXNH9MJ9ntmRARxV0adrzSg4f9sZ8j5Mo3--LBjM1TNUXG3DrogbqEYqScCc5AdltmAQZvz_8SLpCTdVxZkXzkF1DGfvG3zTfVy7LBNtXx0An1ob4Pr3ldPOPy_Hh3m5_UT1nuufQ76Q4WGLJG2VCqkE0iJwFyFNpWHRcJZ3o0XF-MO4Is5JJ9E8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN6DyVl0-PejR9KqH9VqOtW7IKGZphMwBYSpmwPOHWKwQA_ulNZd-25h-Qutzvf-EKjFHHSFSEGAE%26sig%3DAOD64_0BlXvQtXBf1TYq84SHGH-6yhDsNw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A1AkHTvFzzhJcOUOWAo-cwbC9cTR2pQvns8XGKi_TfwU2ES9-n72rXPjSu3HIop4IrG_2J6454hZP5Y-P4gpb2JHp5X4fSwhRTdjgIlx4wr4ibk8lR2tulWETWFJc1_CrcTi2qdUJksio9ZfTbqz3TxBynwUz08lM6rFf4360eUuJoCuY%26cry%3D1%26dbm_d%3DAKAmf-DXQ1ZTd8T6mcgje2C5kvKpPaUqeSx5lElkonR7HIolWXF2bG3hv0_CACI1SXWDV542BFs-kA6VmCoITfeIdXP66iU10jn2-v_UmokOlnuTCFn-U-WWOlo_9UUhwucIzVfLV4lv1Nl4KoLN3tYpSCypPtQoA7j8lLpowNGyS_hu19NlYo9cUeVfInDioTbCFQZ_U-cZ725IldIRSJm2YkHGGJ1NleiSUg2zBw0snFiNHa97VWlwiYUsQWx0ejs1e0AtUilMdh7-YDcQ0Vkjnxy1hUPdlob4yf2FqmWqrKKyZrnXrl29v0007MO74rZYoO6PTNHWIkiYiM_0OECLztRcWbF5hRUVuXYTCSG5Wm8vBjL_yB-eeOOUSiuULbe2w7VibzehGDXmzeEK_W0ARCnHDQcloh7YTG3SN3GVPkFzohPOnF6gISxGxgA9nEl0dIpHe141_Si1BlOPyR0go2O6GmtWjYl8Gi9p6u_Lhvz1zJ9SXrDpR4s7BJzFM9LRxOHB3_Iu9OB2F0fRGUCurlqQv-6SNxgHVLFQrC4861pcg5p_mCk9zLOLyR--USqRB9RoAZK9n8EdVI7LIvZVdWUI_WULLAaRXIjVqfiZncP1cTWihNA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=9987880087328&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
a2124ca1971f9c744626c9bea60e5d861c122f83056e2885324523957c1a0026

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1414
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 17:55:26 GMT
Expires
Mon, 20 Nov 2023 17:55:26 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 310A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
73113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Mon, 20 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0C5F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ad68b6d40b12b04ca7e377cb22de4c8aaf4e8832bb8f4ac3442140e846a6b4b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
337003
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
221466
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ee272847b22d581cc73ef77124a45ad6abc679ff37c4f62cd9adf7f747c4447

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 20 Dec 2023 17:55:26 GMT
checksync.php
contextual.media.net/ Frame 659C 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8529
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Wed, 22 Nov 2023 17:55:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 8CAD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:26 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 71DB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
263
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
829290590f2837de-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Mon, 20 Nov 2023 21:55:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 3BD8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-84.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
32900
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 08:47:07 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
x-amz-cf-id
Z2Q8otlqnya0tSBe9bRmEYmjsLMG0c8g0fnBMicgoDMjG7P6fB3kBg==
x-amz-cf-pop
CDG52-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
/
csync.smilewanted.com/ Frame A55F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
829290588e56363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 08CF 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700502922841
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
adpushup-d.openx.net/w/1.0/ Frame 345E 		653 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
871b439ce74940d2fb88d2fad9b0a40f3ee6e47c5a860b11a34d1d1455277fa6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 947D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
33464
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 20 Nov 2023 17:55:26 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 261939
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230070-FRA
X-Timer
S1700502926.242752,VS0,VE0
isyn
prebid.a-mo.net/ Frame 4D2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 20 Nov 2023 17:55:25 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
sync
eb2.3lift.com/ Frame D72B 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
csi
csi.gstatic.com/ Frame A0AA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp77jaqi&c=6203088597410&slotId=3101544298705&ghmsh_eids=44750822%2C44772139%2C44777649%2C44781409%2C44795416%2C44802074%2C44802463%2C44803784%2C44804291
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQTooCzuhIi34tRIrxoTA50kMiEXzAwYYqG6-BuKYpFPqJGGX-zvD1YPebj4GqTbMSDwbYatHk8L3deFcIAwIY9B5MZERQmICoOpob3nSb1SgXhzk9sIcSO55uu-FComVg36bQ5kH_2tbg_0DsVxr1n
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQTooCzuhIi34tRIrxoTA50kMiEXzAwYYqG6-BuKYpFPqJGGX-zvD1YPebj4GqTbMSDwbYatHk8L3deFcIAwIY9B5MZERQmICoOpob3nSb1SgXhzk9sIcSO55uu-FComVg36bQ5kH_2tbg_0DsVxr1n
date
Mon, 20 Nov 2023 17:55:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqVdUkurxEM5ea8DUwDgOQ&google_cver=1&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72Eh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72EhpNOE7bZjXCSlgL5Qt_Ss7_vZDF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72EhpNOE7bZjXCSlgL5Qt_Ss7_vZDFh8Jkvv7RnrlIjaZvmVMRPWZ3S6H2aEjXANTNWko8RBz56IwDBsO5VVj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA3N0o4U0ctMVYtQVVISw==&google_push=AXcoOmToWDxflblF-72oJZrbwweDE3zoy5VyVj_GOaYHduGyVagpvbddQciObhNktvERKYR72EhpNOE7bZjXCSlgL5Qt_Ss7_vZDFh8Jkvv7RnrlIjaZvmVMRPWZ3S6H2aEjXANTNWko8RBz56IwDBsO5VVj
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&google_nid=index&google_push=AXcoOmRmm74wnmpQqoqDAosryxG3QrNKEBLdR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&google_nid=index&google_push=AXcoOmRmm74wnmpQqoqDAosryxG3QrNKEBLdRyTt1yh-V0RR125i1n2IYZJGExsnL9clmsLJZ_BOl2VatKumcytLYyW6Wuskse8KXnn271rg2xHvPPXnEcoTsOhm-x-nSjnoTWZNnbdAhWudqAYhc6q3NVgH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FwmLylA8HzDsBUA4nMlmduXHvo63omAiLuu9Z%2FY8GLuiAiNWmkuCjKgw9bhgXnq2q9gf1Wvzf2qKxKzF3yUNlGA79eNf2iNomimPJanFFB822Cz%2BYh5EdgAPy2Je5aCykklDjqQ1KLiPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&google_nid=index&google_push=AXcoOmRmm74wnmpQqoqDAosryxG3QrNKEBLdRyTt1yh-V0RR125i1n2IYZJGExsnL9clmsLJZ_BOl2VatKumcytLYyW6Wuskse8KXnn271rg2xHvPPXnEcoTsOhm-x-nSjnoTWZNnbdAhWudqAYhc6q3NVgH
cache-control
no-cache
cf-ray
82929058bc3b65b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1mVRItlMrYuFUge4XZ9xLHrcMX5poeDCSp70DD3YVHsbgHXC1XJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1mVRItlMrYuFUge4XZ9xLHrcMX5poeDCSp70DD3YVHsbgHXC1XJktAxgQ9jvurF5C5i1NXh10X1&google_hm=a3755448-e6af-471d-b6cf-ab36a788ad65
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-199
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRDma32JKzYgmvUVJVJ2JwQVeAQy2psmjo9XzayMKTjmW8ybsR7EYeyE1mUsewfuG2wIfBeYGdDt1mVRItlMrYuFUge4XZ9xLHrcMX5poeDCSp70DD3YVHsbgHXC1XJktAxgQ9jvurF5C5i1NXh10X1&google_hm=a3755448-e6af-471d-b6cf-ab36a788ad65
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGl2QMS-ztWR6k69QrPN8s0&google_cver=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaUhyPmRNwdUcP-STsBxdpqOJS8U9yUqdVygcFjCr9pO0v2GesnylIC98FRriUfPmkcRe...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&mn_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&mn_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaUhyPmRNwdUcP-STsBxdpqOJS8U9yUqdVygcFjCr9pO0v2GesnylIC98FRriUfPmkcRe5LVPf1OutGHhivLUq4t_nKYOBWI90-O86drqgWzJeWJy8tzLHqEshUHmxR5&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&mn_hm=MzQzNTA0NTI2MTgxNTQ0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRTnpQYLPtO_KpGxoDbqTqvAaUhyPmRNwdUcP-STsBxdpqOJS8U9yUqdVygcFjCr9pO0v2GesnylIC98FRriUfPmkcRe5LVPf1OutGHhivLUq4t_nKYOBWI90-O86drqgWzJeWJy8tzLHqEshUHmxR5&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 20 Nov 2023 17:55:26 GMT
pub
cs.chocolateplatform.com/ Frame 310A 		0
0
pixel
cm.g.doubleclick.net/ Frame 310A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEcKgw3diVwNNEWTdG_jnGw&google_cver=1&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi_-I4MM1ad1DkhhLjxAUYdEsV6DR9aYy5i-5Ysv7d1iD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi_-I4MM1ad1DkhhLjxAUYdEsV6DR9aYy5i-5Ysv7d1iDG0SPIB1yCGopBhzrLasRX4PraxxJT8RFoQ&google_hm=NDMwNDQxODk0MzI4ODg3Mzg4MA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQixOa5uOIDt0kS0cBPEROOvKd_3WhiI-17MEUhCE1m7MyDwQGURMtF3Tg_ghQjiiAXU6ZVHi_-I4MM1ad1DkhhLjxAUYdEsV6DR9aYy5i-5Ysv7d1iDG0SPIB1yCGopBhzrLasRX4PraxxJT8RFoQ&google_hm=NDMwNDQxODk0MzI4ODg3Mzg4MA%3D%3D
date
Mon, 20 Nov 2023 17:55:26 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 310A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxEWxTX76IzobOrmSA6-HRmEqFK6LOmS1Q3-sRdjsDoF9U-d_mYqLXN3sCnb7VUCKs_yE4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700502924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700502924061&bpp=259&bdt=1336&idt=501&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&cookie=ID%3D64727a1b3b6791b0%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg&gpic=UID%3D00000ccecb505047%3AT%3D1700502922%3ART%3D1700502922%3AS%3DALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ&correlator=6203088597410&frm=23&ife=1&pv=2&ga_vid=1495016026.1700502922&ga_sid=1700502925&ga_hid=1532031552&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2495&biw=1600&bih=1200&isw=336&ish=280&ifk=461067395&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079758%2C44798934%2C31078297%2C31079698%2C44807763%2C44808149%2C44808284%2C44809053%2C44809071%2C31079653&oid=2&pvsid=3357394522306689&tmod=1502740836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jz4l1mv9hb90&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame FF1F 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=16595000168376004438458012514014&a=6079f4fd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:26 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
usync.js
eus.rubiconproject.com/ Frame 8CAD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37775
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
viewability
hal900014.redintelligence.net/ Frame FF1F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=16595000168376004438458012514014&a=a38a68b3&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=16595000168376004438458012514014&a=6079f4fd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=16595000168376004438458012514014&a=6079f4fd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame FF1F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 345E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tF8CsrsOD7KvWlaxtw4a6LoLD-GvCA_it1mJVlGR
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tF8CsrsOD7KvWlaxtw4a6LoLD-GvCA_it1mJVlGR
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tF8CsrsOD7KvWlaxtw4a6LoLD-GvCA_it1mJVlGR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 345E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8394888110786465475
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8394888110786465475
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8394888110786465475
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 345E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=2cd36e63-3bfe-8215-b8c5-07adc54208b6
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2C840HKN7G48K91S8KYK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 345E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7405121e-2754-39ef-78cb-853aad71c356&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 345E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTg2YWMxZDQtZWUyMy02NzRiLTZkMmItZGY4MzY3OTMwZDM2
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 345E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB2nWZQEki_uZTknXTfBPiw&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB2nWZQEki_uZTknXTfBPiw&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB2nWZQEki_uZTknXTfBPiw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame A55F 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
977029
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
829290597f6a363c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B0E3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34ab73d64bd5ccb5a2d786acbe9e73b8512d14f6867bceaa36d15e26769df92

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
829290598ccc37d8-FRA
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV%2F%2Br%2FDWsqfIaVyC5n%2FJGbXOsUqBFh3fi8uPUs2vhgKQiyRLngGF45w3Wy%2BDV6MjvrXQOV0GbVC8WB5Ipf7cwsdEk57640lPjS1%2FfSdeje8NKvZwcJBxv6b74KfLKRogtv4%2FCl7497lD9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 947D 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
an-x-request-uuid
41fbcddc-6750-4cbb-9fbf-e80181aed674
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 3F0A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.168.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-168-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aefa500715240ffa5d13bf2166130a66e9bb71577df11ea08638433f39d4a448

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
etag
W/"0a7a0d843b949d59ae1f02b6297dd93d9"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 894D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 5374 		813 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2bb0412226f0df813146c866fac8d17db602d887a286dbdeaa199192fa8dfbc6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
813
content-type
text/html
date
Mon, 20 Nov 2023 17:55:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E54B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0ef62cddded47abd6895676cdb175db269326371dbe4457f4fa55d8bf541ec

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82929059fd6237d8-FRA
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGWbRjwjjpKvqahhGSdnicwJJ%2BpfrgQpUTaLP0uQ%2Fmk8psRNn1bpuPhCmdBDMzWxfIAUaTLi%2FEVIbTlCQ0ruMhW2Pkol8%2BZB0%2B%2FnhOju2BgA0jz31qmHUUWLlrXdb7Lp6ptUGlGfu%2Fw5kA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 13FD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:26 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53E0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107277
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame E6A4 		146 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c5b3ce82804d1dea649dd53d3f759b248b93dbf79ba457d851d4c27a9accac7e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
146
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
server
istio-envoy
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
U8OPpFzvvetPOWDGmb6T_RgqyXkwB9BzziTS_9iPBwawSTYeoMtvOQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
user-sync
sync.adkernel.com/ Frame A8FC 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 17:55:26 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3AFF 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b0b2bc474d6c693fabb9c352b8651c6473df4def4e8f6661ce14ada2628e644

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7556108170959009897
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7556108170959009897
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
an-x-request-uuid
4f044894-5234-40e5-9bd2-417506b32909
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7556108170959009897
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HsGTsRZH2hLJHmrASH6WgUUw
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HsGTsRZH2hLJHmrASH6WgUUw
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HsGTsRZH2hLJHmrASH6WgUUw
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 3BD8 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 17:55:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700502926562
  • https://ad.turn.com/r/cs?pid=45&rndcb=5268762104
  • https://sync.1rx.io/usersync/turn/2736676649113416841?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
date
Mon, 20 Nov 2023 17:55:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb4879de7e00d4b6ea06c9b9fe28f40f1003
content-type
text/html
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528908106811
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329528908106811
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329528908106811
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=4bdc22aa-a15c-4535-b338-bb9abfaaf84b
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=4bdc22aa-a15c-4535-b338-bb9abfaaf84b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=4bdc22aa-a15c-4535-b338-bb9abfaaf84b
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 3BD8
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYz...
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUyAiIYOAI=&gdpr=&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-07acc685-4430-31cd-88b7-42efcc982bbe&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wN2FjYzY4NS00NDMwLTMxY2QtODhiNy00MmVmY2M5ODJiYmUyAiIYOAI=&gdpr=&gdpr_consent=
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 3BD8 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 20 Nov 2023 17:55:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 20 Nov 2023 17:55:26 GMT
casale
match.adsrvr.org/track/cmf/ Frame B0E3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame B0E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvnJfhhfy3Xe%2FFFT%2BI23sq3bOWNXvCDBb7LUdqpkxCguTrjvyRPCfeQNAenV94uDDwFWq1uegHRrKK9mQ6Dt9P6WjTfoGkLP9XOZyxf1K9mjGvzzKqsUTdCiyJKVcF7Z1Lxeymd2dWd%2BXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905aae1f37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFmJSM4ejWGH2uY7aFoxW4w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame B0E3
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=890217f6ad1141378faccf263304fa57
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:b33d:6afb:b084:e380 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
4
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Date
Mon, 20 Nov 2023 17:55:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
dcm
s.amazon-adsystem.com/ Frame B0E3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q0QPWDPHYDMDT00YD0W1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B0E3
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZVudjV.RVDLcnq5IycOZiAAA%261155
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=21088bb5-4ece-42ca-9b18-fd262a6fde54
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=21088bb5-4ece-42ca-9b18-fd262a6fde54
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BP2qZMWiR9pUthr6wI54BxUnPGdKJSSnOU8pW2GBj8PM246Tn7k9RjqWTeSKzACtcU7YoBIolvp3VEH89qXi03GrV7cEVho3kMiIRR2JlwGgTTomfwv4Nm%2FUof3Ys%2BJGXl6NwrqwV7v4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905b6f2a37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=21088bb5-4ece-42ca-9b18-fd262a6fde54
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
rum
dsum-sec.casalemedia.com/ Frame B0E3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2736676649113416841
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2736676649113416841
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmYZGi1HV%2FeCXvK7xO%2BBFCfYXvmDepajf9O1P6D5OfhxlWdTHUouqaDgU1R84sUd6eWzuyCip4YgYUGP%2FZmUjccgBVuECrfuhPk9nIbDpxVu2jMoIAeCtaCqjjtac2AvkKinRStzhNoXmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905b6f2737d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2736676649113416841
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B0E3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8486070677431234590&expiration=1701712526
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8486070677431234590&expiration=1701712526
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RXXNGC05IS6fTqnls%2F7NsiUgHl4Wn0dtgQMk1nBJKH8BW2ge69%2BYGIQNRPTkZ48kWewbm%2F7ntKVH12B%2BZWDgSq0O7ooVE%2BdyFPILPJYXXiugf1PTPuEChsLXYwJ7fUMYgP4eeOT07ikZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905afe9437d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8486070677431234590&expiration=1701712526
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame B0E3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWIejDuzHtVb%2FnCarfvRh4AN4ynnqy%2FrUoAiaTN5gYj5YO3W7liMf%2BuwS1AiJJh8dAa08ttnmMOA2%2Fuwhw3GAWEr1abU%2Be7VPGo1I7h4W8wnMwx7lNLpW8W3221BNdgdGFt6"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905e4bbb65b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame B0E3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVudjV.RVDLcnq5IycOZiAAA%261155
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
29577
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8292905aa91837de-FRA
content-length
43
expires
Tue, 21 Nov 2023 17:55:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 743C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6aed544adb61335dd2e7e3d09ce306553df707a4472d2125275be08cf8a5d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12449
x-xss-protection
0
/
onetag-sys.com/usync/ Frame 0183 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700502923120
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
28292
i6.liadm.com/s/ Frame E54B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVudjV.RVDLcnq5IycOZiAAA%261155&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=cba410787849492b8bc2acda91eb998e
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:b33d:6afb:b084:e380 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nqBe3rCcLgzWs1YIa4IpN1a46o2P7BX8lKJyIQ
Date
Mon, 20 Nov 2023 17:55:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E54B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5079:1120:7dbf:7a0d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame E54B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7556108170959009897
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7556108170959009897
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EfeNISGJbejErgeRAufAaoB%2BmZWyeKPd3%2F4sH6qu8RjaYiQNsxHi803S%2FxCNbdTVNgW4hPNcU5tXfEUKKgS9RpqFNC1mzmE270S3Ar3ZQrBwAbjemmwPcwBYCKVms5eSeQ3Fi08XMsj6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905afe7537d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
an-x-request-uuid
301d548e-425a-4d48-8ca3-11819eeb6bdb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7556108170959009897
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E54B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3602:5079:1120:7dbf:7a0d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
indexexchange
sync.adotmob.com/cookie/ Frame E54B 		0
0
crum
dsum-sec.casalemedia.com/ Frame E54B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831091986616
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831091986616
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDaO1rfJ8A0xFqyZuzbRTWyn%2FTI0aQiR6ZFtwfShtpnH4K7WRSwlPI4EVll%2FhLTUa0vakDl7wQLZtA2w9JTpNfQTIk1nl9KRWxfTR%2FXvWhaxRX3YIonL%2FrHYse0OEAJBSobgQO9ohu%2BT9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905baf8b37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831091986616
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame E54B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuCL44sd%2BlkTl23eWPAncz4HlUpPOpoZXeyzanv5doQDA1m5FxcgbNvt5rQdpV2gFHNstHKZ0EV0GfwemHdG6iKhdiXgvcYSLvW9nOAuy8T85hBiyXLYdjzCDNaRxC2gooX%2BScWsGfW%2Bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905f7ca237d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame E54B
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZVudjV.RVDLcnq5IycOZiAAA%261155
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=c5d70d9a-daba-4f1a-8c27-d6dba23af512
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=c5d70d9a-daba-4f1a-8c27-d6dba23af512
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6xcnSo7Ld0dCzljZIUJFdMGx2JvKDbnT1yba5zVHHiOgsRh5eM%2FWRHZ%2BZyFMGEwUPT08QKFws87XEmIPGqmpQdtBjMn9%2BPGdXRL4IEp9ChhHHoqYB3wsFzpX4XsB10oDAGBOVKpNQWy3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8292905baf9537d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=c5d70d9a-daba-4f1a-8c27-d6dba23af512
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
ads.servenobid.com/ Frame E54B 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 35A5 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905aa8b8363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 5374 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5881583165477360456&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
9.gif
id5-sync.com/i/102/ Frame 5374 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 17:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
pixel
cm.g.doubleclick.net/ Frame 5374
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTg4MTU4MzE2NTQ3NzM2MDQ1Ng==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTg4MTU4MzE2NTQ3NzM2MDQ1Ng==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTg4MTU4MzE2NTQ3NzM2MDQ1Ng==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 5374
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=de23d351-6c13-4ca4-8c6f-70b306f98092&gdpr_consent=null&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=de23d351-6c13-4ca4-8c6f-70b306f98092&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=de23d351-6c13-4ca4-8c6f-70b306f98092&gdpr_consent=null&gdpr=0
date
Mon, 20 Nov 2023 17:55:26 GMT
server
_
content-length
0
p
a.audrte.com/ Frame 5374
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWQ1S3NvNGRoLTlSZGVsajJEZU1WSkhYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGVkNUtzbzRkaC05UmRlbGoy...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=8486070677431234590&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=ed5Kso4dh-9Rdelj2DeMVJHXA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=4304418943288873880&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.211.237.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-237-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 13FD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37775
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&p=jodUyVPdcf4qIs0VUUoKblPlWzqT4yn7fwIZb6cuKLbVmIi18cF-vLa1gxXJmN_qMI2JGTG0i7KoIF5jCfzJQKQf0ogYlFvkI1aETU7M3wjZ3ya_MzyHRwK8UCJAMzuyxsLPNTurs09g7yfHJxxgG7DSZAEb6Suympr0B-zaNWVNnS6Oj7WDbAR-Jn-gfxKK28gf419WRUSZj51xWwpEVa3hXv_PlDz5yzYIc4ZFyVkg6l_h0QXR5bSVPWBOby2SFNu4-8G-s8WTdKNCwRQEWL_I7icJGHW2atORUqxhkrrYQgqZGyQfzmnuOnuBytK2OJFcW6wvpf8xE8W44JEVardgQcADjfuwvKeD1BQc5jFdQQ&cs=156838656232031347505&slot=native&fv=1289&ts=1700502926504&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
4304418943288873880
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 9566
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/4304418943288873880
0
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/4304418943288873880
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905c6a75363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/4304418943288873880
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-1&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924323&cid=1166828&pid=169092&p=VG1sOpST4TRa459Ovgb4gals41Dv8fmKHjeVsWUsO3D96422oaez7nhxosPrx7hrcz0e_G20XymmhYMMhpQJ8cnb6pwQHtIQ7FGwLzb-FPTqod8j3w6V8sE_NCydqWHR9lONHmLhQ7bKMPJsdNUp0o4PDWujyUPG55V5hsBbpj_4T9YyOynp5Al1RYSa0CYjX-GC2IIShRqP1Yhktp-Hn8sttexlrBONKBH5huiUuYgxzqfBaoInRTQHJ6qTpRGLZ-ZT97LOGaZPHVEF567yGkjPjRS2TICVHr-AFvkypqoJxMyk0SZvsXy2zSOyIBs_vg_o4XN4fFOiT-c3B74Q57qxlwpsHDoJ6xBU11iVjUKuuQ&cs=11717117761339911905&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 743C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 17:55:26 GMT
7556108170959009897
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame DCBD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7556108170959009897
0
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7556108170959009897
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905b6975363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ea567cd6-113a-411e-985d-12ffaa799894
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7556108170959009897
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7556108170959009897
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7556108170959009897
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
an-x-request-uuid
dc3c18d4-748e-4e3c-9257-5b39823255c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7556108170959009897
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=a34ad13c-40c3-4dad-9df6-e0b0a9537f97&ssp=gumgum2&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11
  • https://usersync.gumgum.com/usersync?b=bsw&i=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=8338b66e-0f41-01b9-1fb0-95d76521c210
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=8338b66e-0f41-01b9-1fb0-95d76521c210
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=8338b66e-0f41-01b9-1fb0-95d76521c210
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-03830925-5fbd-53b5-664e-ae7b9fb83269$ip$45.12.222.170
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-03830925-5fbd-53b5-664e-ae7b9fb83269$ip$45.12.222.170
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-03830925-5fbd-53b5-664e-ae7b9fb83269$ip$45.12.222.170
Date
Mon, 20 Nov 2023 17:55:27 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q.EtW.ZE2pe025yrhYPS6e3HlravZyqsFDWq~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-q.EtW.ZE2pe025yrhYPS6e3HlravZyqsFDWq~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-q.EtW.ZE2pe025yrhYPS6e3HlravZyqsFDWq~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6f9fb69c-cc3c-4eb1-af48-4df4f3202324
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6f9fb69c-cc3c-4eb1-af48-4df4f3202324
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6f9fb69c-cc3c-4eb1-af48-4df4f3202324
Date
Mon, 20 Nov 2023 17:55:27 GMT
Connection
keep-alive
X-CI-RTID
7bf44677-ae49-4124-a123-1d01bac1abb8
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 3F0A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=0G-e-Z_GRiozPO66r74s&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=0G-e-Z_GRiozPO66r74s&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=0G-e-Z_GRiozPO66r74s&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=T7JJaSR3mFqu&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=T7JJaSR3mFqu&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=T7JJaSR3mFqu&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-w6bcp
expires
-1
usersync
usersync.gumgum.com/ Frame 3F0A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4304418943288873880
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4304418943288873880
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4304418943288873880
date
Mon, 20 Nov 2023 17:55:26 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3F0A 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_d2f505d1-aa12-4125-af2a-32513a5bd3c9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 53E0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22968718&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
916f7174579c997adb979307592be6f203b2195c32ab542f71cfa85476dd9a8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 13FD 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
usersync
rtb.gumgum.com/ Frame 4085
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=8486070677431234590&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=8486070677431234590&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.168.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-168-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=8486070677431234590&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame CCA0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMmY1MDVkMS1hYTEyLTQxMjUtYWYyYS0zMjUxM2E1YmQzYzk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2393 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107277
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 48CF 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 6EEB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVudj8Co8YsAAKnMWpkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVudj8Co8YsAAKnMWpkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 17:55:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVudj8Co8YsAAKnMWpkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
169
X-SO-Cluster-ID
0
X-SO-HostName
m-ad257.dc4p.scaleout.jp
X-SO-IP
45.12.222.170
X-SO-Key
ZVudj8Co8YsAAKnMWpkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.170","key":"ZVudj8Co8YsAAKnMWpkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad257"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad257
usersync
usersync.gumgum.com/ Frame 4663
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT Mon, 20 Nov 2023 17:55:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B983
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 17:55:26 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
LP77J8SG-1V-AUHK
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 033D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP77J8SG-1V-AUHK?gdpr=0
0
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP77J8SG-1V-AUHK?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905bd9e6363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP77J8SG-1V-AUHK?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
78e3bdce5107450057bade54d54a0a7e
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8AFC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107277
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 13FD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP77J8SG-1V-AUHK
  • https://ads.servenobid.com/sync?pid=323&uid=LP77J8SG-1V-AUHK
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP77J8SG-1V-AUHK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
11203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:48:43 GMT
expires
Tue, 19 Nov 2024 14:48:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1BD2 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c88dcc3456dfa875f7bc3c9e7e9cb7b2b05b5bde7208a79ac2e0a14b9f7c3128
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XinbRQUR2wIJ-StspiJS-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XinbRQUR2wIJ-StspiJS-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Mon, 20 Nov 2023 17:55:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
log
c21lg-d.media.net/ Frame 659C 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3435045261815440000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 20 Nov 2023 17:55:27 GMT
sync
ads.servenobid.com/ Frame E6A4 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=qrt-KJz-kj_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A333
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c49f655b-9d8e-4800-a653-2936d3d2309f&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c49f655b-9d8e-4800-a653-2936d3d2309f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:26 GMT
Expires
Mon, 20 Nov 2023 17:55:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c49f655b-9d8e-4800-a653-2936d3d2309f&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 76B1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Mon, 20 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
5891877
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 822D 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
41YT7FASZYC9KKDA0KXJ
Pug
image2.pubmatic.com/AdServer/ Frame 6E79
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
42 B
574 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 682B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7556108170959009897&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7556108170959009897&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
701363e9-69f1-4c75-a285-40b2498a015a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7556108170959009897&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4B60
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303604453951010958&gdpr=0&gdpr_consent=
42 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303604453951010958&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 17:55:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303604453951010958&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame A593
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=A4MJJV-9U7VmTq57n7gyaS0M3qo&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=A4MJJV-9U7VmTq57n7gyaS0M3qo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 17:55:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=A4MJJV-9U7VmTq57n7gyaS0M3qo&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame CEBE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ef5d5f7d-0abe-48db-b904-0b4350188783&bsw_param=e05e85ff-7eb9-427b-9938-7e0525b78b11&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
cs
cs-server-s2s.yellowblue.io/ Frame 7470
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeE1rN0t0enNBQUJRT05uLTlsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADxMk7KtzsAABQONn-9lA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4304418943288873880&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADxMk7KtzsAABQONn-9lA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4304418943288873880%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4304418943288873880&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADxMk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADxMk7KtzsAABQONn-9lA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 20 Nov 2023 17:55:27 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 7377
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU991f4db496004d1198f04dae1ab2189e
42 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU991f4db496004d1198f04dae1ab2189e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU991f4db496004d1198f04dae1ab2189e
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame E0A4
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 736B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVudjgAAAXy3YwBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230111-FRA
x-timer
S1700502927.976286,VS0,VE94

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVudjgAAAXy3YwBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230111-FRA
x-timer
S1700502927.850618,VS0,VE94
Pug
simage2.pubmatic.com/AdServer/ Frame 80BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 17:55:27 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame 87E6 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
cm
ipac.ctnsnet.com/int/ Frame 0242 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 02B0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5492443256410026847
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5492443256410026847
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5492443256410026847
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 8DFB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831091986616
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831091986616
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 20 Nov 2023 17:55:26 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831091986616
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 0003 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:27 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-d614ee3609d5@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame E9CA 		0
0
sync
ads.servenobid.com/ Frame A16F 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 17:55:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Du6fM3PfSAqWCNP6_FCzmw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107277
accept-ranges
bytes
content-length
5622
expires
Tue, 21 Nov 2023 23:43:23 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 53E0
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=&ct=y
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.177
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.9.201
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 53E0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=321412512
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=321412512
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 17:55:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 17:55:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=321412512
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 53E0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWQ1S3NvNGRoLTlSZGVsajJEZU1WSkhYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8486070677431234590&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.211.237.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-237-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEVFRTlGMzMtNzNERi00ODBBLTk2MDgtRDNGQUZDNTBCMzlC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA9SCScFkKwmReRalVxHNtM&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA9SCScFkKwmReRalVxHNtM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA9SCScFkKwmReRalVxHNtM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 20 Nov 2023 17:55:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 19 Nov 2023 17:55:27 GMT
generic
match.adsrvr.org/track/cmf/ Frame 53E0 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8486070677431234590
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8486070677431234590
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8486070677431234590
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZL998spE2uWvML9cESqeeqA0qDRYPZk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZL998spE2uWvML9cESqeeqA0qDRYPZk-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZL998spE2uWvML9cESqeeqA0qDRYPZk-~A&gdpr=0
date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0EEE9F33-73DF-480A-9608-D3FAFC50B39B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 53E0 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0EEE9F33-73DF-480A-9608-D3FAFC50B39B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5079:1120:7dbf:7a0d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d8fd440e6f51680&is_secure=true&networkId=17100&version=1&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx6LN5eNwMDiSC0AAAAAAA&expiration=1700589327&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx6LN5eNwMDiSC0AAAAAAA&expiration=1700589327&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx6LN5eNwMDiSC0AAAAAAA&expiration=1700589327&nuid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2736676649113416841&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2736676649113416841&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2736676649113416841&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 53E0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c5d70d9a-daba-4f1a-8c27-d6dba23af512&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c5d70d9a-daba-4f1a-8c27-d6dba23af512&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c5d70d9a-daba-4f1a-8c27-d6dba23af512&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 20 Nov 2023 17:55:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 2B83
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
0
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905e9d29363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 20 Nov 2023 17:55:27 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/6f138580-fc19-4d0e-b133-6e8a01315029&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.js
eus.rubiconproject.com/ Frame B983 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:55:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37775
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:25:01 GMT
d14fd088-1731-0771-3ebe-42d6d3cd6b24
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 0086
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/d14fd088-1731-0771-3ebe-42d6d3cd6b24
0
693 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/d14fd088-1731-0771-3ebe-42d6d3cd6b24
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905d8bd2363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 20 Nov 2023 17:55:26 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/d14fd088-1731-0771-3ebe-42d6d3cd6b24
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/ Frame DB2C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 17:55:26 GMT
X-Sovrn-Pod
ad_ap6ams1
8486070677431234590
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 7CF9
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8486070677431234590
0
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/8486070677431234590
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905f2df4363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 20 Nov 2023 17:55:27 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/8486070677431234590
server
nginx
v1
match.sharethrough.com/universal/ Frame 3AFF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
cs
cs.yellowblue.io/ Frame 3AFF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=c6d8935b5dc6c4566981db2abad11&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=c6d8935b5dc6c4566981db2abad11&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
108.129.5.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-5-53.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=c6d8935b5dc6c4566981db2abad11&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700502927246028-596
cs
cs-server-s2s.yellowblue.io/ Frame 3AFF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
date
Mon, 20 Nov 2023 17:55:26 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 3AFF 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=lhtzdJzzkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 2F37
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905f2df5363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 17:55:27 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 9CB8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg?pi=smilewanted
0
626 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8292905e9d28363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 20 Nov 2023 17:55:27 GMT Mon, 20 Nov 2023 17:55:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg?pi=smilewanted
pragma
no-cache
khaos.json
token.rubiconproject.com/ Frame B983 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3357394522306689&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame B983
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP77J8SG-1V-AUHK
  • https://usersync.gumgum.com/usersync?b=mag&i=LP77J8SG-1V-AUHK
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP77J8SG-1V-AUHK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 17:55:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP77J8SG-1V-AUHK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D8DB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 14:51:09 GMT
rtct_adp_lib.20200515.min.js
js.genieessp.com/j/ Frame 0485 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1551001
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 02:05:33 GMT
server
nginx
etag
W/"6556ca6d-411a"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Nov 2024 17:55:27 GMT
cic
ialaddin.genieesspv.jp/yie/ld/ Frame 0485 		43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/cic?cik=9OQII6LVOBN4H-Si4uxC6Mf1yx_HkaAo0yJEpob1YJAoqjs-X4qLOiG9XujXvqS9NukPdN02yXuBuiTG2AaeC_MrOUE&noas=11030163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D8DB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c8v9Kw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync
ib.adnxs.com/ Frame 947D 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
an-x-request-uuid
f446de20-cb3e-4015-9b1b-2b1a176e1b8f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.170; 45.12.222.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700502927346&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=1661353112&tz=60&viewable=true&ddast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f7f4a0529b66223363f490b911ed5ac74c14c422531334db65a25b421e20a9f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 20 Nov 2023 17:55:27 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1429
x-cache
MISS
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1700502927.358550,VS0,VE32
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8530971340121&version=m202309260101&ct=77&x=1&cor=17457273722317361000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&p=BCOc2k-PNJxSWh0BY6wjRrp1I4U-5ZtWgVMX-0nhfsV-aufZd7fo8X1k3m4fVyS4kpMZCI8EPXZwtG_gpC9KpZcxhrbqapPY3wIz8UxXwtVZUmAr3xv7A2k-OJkvcSjFcNxp1BEnYqd9wdAjynOMKkSvsBsIiFaPNpbqluHq6pm5XBlrpxR_torMExObbP5kTYBqVlv--4zzu1Gno2CGZ6URaA9aeH4h1AybLqPJ1apwJ6hl_5l6BvtKgX442we2aRaRIU-hIAJH7mBMeAwgRv_lPfDb4LbfUrFvErukN1CIylrqBDIiUcTdJHCei3xbNDZHPjJAmxI40bHDGnTNrhit1MhGbtZkjKbVxJP1_rnjZQ&cs=-18035922841976667905&slot=native&fv=1289&ts=1700502927501&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pd
eu-u.openx.net/w/1.0/ Frame A09D 		802 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
85bd3b229eb4b44da9f35adb073d1d7458bbf49e0a9d5ed1d655c406de69e1d1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
456
content-type
text/html
date
Mon, 20 Nov 2023 17:55:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831091986616
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831091986616
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831091986616
Date
Mon, 20 Nov 2023 17:55:27 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVudjgAAAXy3YwBH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVudjgAAAXy3YwBH
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230111-FRA
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700502928.640318,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVudjgAAAXy3YwBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame A09D 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AADxMk7KtzsAABQONn-9lA&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AADxMk7KtzsAABQONn-9lA&id=537125688
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AADxMk7KtzsAABQONn-9lA&id=537125688
Date
Mon, 20 Nov 2023 17:55:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=78699dcae0ac18e8&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIKWB9T6e1iwMIzYyNAAAAAAA&expiration=1700589327&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIKWB9T6e1iwMIzYyNAAAAAAA&expiration=1700589327&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIKWB9T6e1iwMIzYyNAAAAAAA&expiration=1700589327&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=A4MJJV-9U7VmTq57n7gyaS0M3qo
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=A4MJJV-9U7VmTq57n7gyaS0M3qo
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=A4MJJV-9U7VmTq57n7gyaS0M3qo
Date
Mon, 20 Nov 2023 17:55:27 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame A09D
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=q1OYIo7SgMGev8mNfmj57A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e0c2745a-b7f8-aba6-491c-93cf52260e1f
pr-bh.ybp.yahoo.com/sync/openx/ Frame A09D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/e0c2745a-b7f8-aba6-491c-93cf52260e1f?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5079:1120:7dbf:7a0d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=e05e85ff-7eb9-427b-9938-7e0525b78b11&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame A09D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=openx&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=K_Q_xzeXvTqL3_CT3F-KypIBdUY_jPVY7LQf6cPSoqg&pi=openx&gdpr=0
pragma
no-cache
date
Mon, 20 Nov 2023 17:55:27 GMT, Mon, 20 Nov 2023 17:55:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-2&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924323&cid=1166828&pid=169092&p=MArKospFRUptQu4JPkp-6TUxPZzAgS0k_rbPJoOInLOh3bvfR17haDKn_DyTA6jc1q-_sn0XwAOJL2oCABe6DAydpyUBLnddaRRpvVN2FyEyWCeHKydZLtv11voB6SjY1MWamx3CIlMTAtQaPfu9Ozc1jFwNbm5MhWEd7mkuaKB3-eLu-zrJZAYOEGqwdniRrm9BUrMmKZTQNDxpppbPwdpaWH1wZ74rMCllMZmFn_5K1S9QdbPFyzUe6iaslTKUyPtOEMWi9MWufqsVx5sA7qE7vZp1Z55kSey-vwaNPO8qbhDTR-XpnfiRA88NKw04qIDOra_rolwnvE6RwPExciJMhL_LyzgLc74zQzN_I0I0DA&cs=-326032403181863793205&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 743C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3357394522306689&bg=!1dal1pnNAAZxrfrxUa07ADQBe5WfOFX_uzn9MaVc3M5KsNnlx9dtJ_yfkBTYPh9BruBoZtqFgfI4hIji7DOImgJiWgT_AgAAAI5SAAAABmgBBwoAsiHaWAaNp9Jb0ONeecHhWo0H2w7V1KDF9Gmp_ZZV542lAUAaT1o8gRmR_Z7xcSdb-wPQGqbQw0MZpNQYiTCCsUrziS2CJ8TQn9airgAkDMNdzCtHhTG-ngxHG4JS0cBTU6OmvMhUn-B-kX8h53xm8ctUbzEnHAKPEfHPw39M4AOVabNRG5tjnBuBiE-HDmxkZeKTAj_t-_U82bDzlPP2IMtZw8Ks_PoCKa9DYbN4xzd-XkyZAsYGMERKwtwZRod9v1HHy2Mn1Ho_lAUwxSjfDR5f8_hzdQTfVFV1Otkqs6Ll3BDsN65YJjGSUX2T4DCL4QrMppEMoWNoRQVi7OqgNVxZ_CXiiGAF6z3c3yo2xoW1bmMws2kOKpEsRcHzUonQNmv7lfAO7ol2oAURE7Eo5QBQujgfu__HE7EL9cW5lqRJDhqYp8GEIzqdD0zeoD5B4Xc20yvGYNmSJsN8Y25BrtSDUV0XXy7pdDKf8irdmN-0YRLPQaMFRRZQnRIQbHpO2G7gDILQK8DHZ1UqD3-i_WIzARl_xotq2dvoyAAJgjbR3_ZVQptzFJ9qjf1nh5v2v2lqWB7C1uAdvbLTDDlGSSoapaAd9sT4e1DsmA8t7F3FjIn0ZTCmPycTvU711YtLOVzMvdPC-LWNz57Wh1fV0mRxL--K1i1mAaI3WcnAlogiTlJ9BUxETvXWagfEEB8UijYqyNAWgOkNdHLGf2eRaeEHKRc-Ql3YsqbGj-JOBeZBgDz5C1xP-h0TepVZawXuJVmz7HN2qzVtzHPWxPHOSyF6CfDuph25JpAbRO8kbOVW5jvFopHVgqjnsFXQfWKKGwt05cGzqzF5DeMutfOvZo3GA31i2Gcap_tYbEpN-EeftNzK4HM9sygiOuA2alVFmbAZZwxzOIatPQn8V3FZ2ObNak7rG_teIPZcrjPg_cSqLQmBb3qz9-pefGx4E3KHAv6yoqpJBmTbVtVZCCZnfoTFt99bfDcVg3tf9oBeaHKKNaKWKRV1H7CfPHdlQ5sVCv1LklYPIwHeU8rQ86uVX1iqAbjSeHZ0EQlfkzdvPvzovc3qlDN3HNjRyDZE85TdbjMZBuncczREpdtuZpb4J8F2lLEucEO7SF-G27z2HIZiSeP2XvAaj5sk-gFVKhdb9ODF2H8kx60HkuL8lT_lEVl5SQcW-vzk2XX7JA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2WuSQgyV2Mma34UCeCjP2Ram0cuiEgv4f9TR1%2FIlc4lsUQbvctkLSiFPlG4Gcl0nOPuUTqhaPQWhS3b7w7TAWavf7MeGUb7JZuqbG7fI%2FlX9gSIlClvhPZ%2BrGcq9tErZqgDIWg2eS9OcUSSF3TU10OGHDYQba7MLIyggRqczNR0z9Y2%2FBOXsRXZDEFibD...
ad.vidverto.io/delivery/v2/content/tracking/progress/1812/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1812/2WuSQgyV2Mma34UCeCjP2Ram0cuiEgv4f9TR1%2FIlc4lsUQbvctkLSiFPlG4Gcl0nOPuUTqhaPQWhS3b7w7TAWavf7MeGUb7JZuqbG7fI%2FlX9gSIlClvhPZ%2BrGcq9tErZqgDIWg2eS9OcUSSF3TU10OGHDYQba7MLIyggRqczNR0z9Y2%2FBOXsRXZDEFibDeMwYcwKAnYaAs3lMIKpx%2Bprzg%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&p=bUaSDU2BZYEGXxQ2Psl1Zo1nBoIItPAjgv7mwMk2arbvuzdA-Jw5XBl6X3JGfTu59klRJVDE5HnhuOA863e25fG3UFGY25Jyu-TFCx0FKLH-XzcTzelkpL8jS9NzJqW102p7nUOZIuO3s-riqt2Qh9-TQvgiH6FFfqwKCkqNDXHgwHVqAsm7v2IvTTzVHngNjukGaKitAX4ZjBhRES8ENhZPXgZTk5-34I61qoisbyNHcRm0ErnfKq097aEFpiCZMcbAwgtZoLk2GAdubGmj5N1eK5r56SM0_arS-PaYZTv4lKNG0KrTAlONLqr0mP-1_zTz1hmWShnJY_CQG-p4yEMKOZmN1oT6s5WYMVXyjQ7lnw&cs=533095781623440861805&slot=native&fv=1289&ts=1700502928481&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-3&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924323&cid=1166828&pid=169092&p=X-PybQyiGDYQiwm24YKdRTOxczM0q0topDSvLyB7qAn1VzAezAoDMvGoRBaAmMOZaz_RarpoaRWODk--ExwJJFR6PiZNkYu9MQKyLcta0SJI9bIYTjsqsxF639uSpiJx_vdDdqNAoi7ptDWWjO3CBuLywp83XukiPYZ5MvC6n19d-nWFKLsRMelRGoefRyhtAtZjVBmqW4MmBbKZ1Rl2qNSFxp0c_Qza7yV9JE_bnIXRS8sHGTkETax4N7jctbEHf8EqaBHxrYzzIW9QQDa8Nkhk9WRQIv8G36uGj9bLeOuLpQdTXVWorZ6jo7FW93Jmj_omoqdCiIG9NjMkUqJyB1cRn7CMdpxGl6KstyhZY3B4gg&cs=544127890918229731305&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 53E0 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700502921949&gcd=11l1l1l1l1&dma=0&cid=1495016026.1700502922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700502924&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html&dt=%E6%BF%AB%E6%AC%8A%E8%A8%B4%E8%BF%BD%E7%AB%9F%E7%84%A1%E8%A2%AB%E5%AE%B3%E4%BA%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4&tfd=9237
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 9B69 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1076044&studio_cid=3e442a30-6032-11ee-be32-437230130e01&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_7c97791c-cabb-4ed0-bb67-2e5ede636b15&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924250&cid=1139715&pid=169092&p=JJX3S7No0UvLK0p249AVLTJ-EPl6PmrVzUQwziQbQ11N5v3UD44Pdwnf_UvLfmFBMmEGjzqoCxYOxniuftMjaDJAIAFkhNpMqyocABbfKWQZYr1I7bS1M-M3lLz5HyIJoWe8rgCXcN6ZlzxZEwYGD_a2LYs1OLDrVM1DVwCeR59vDflC_pavKqbaThxCy3HPblGH6nC8r1kNv6qd79v708ETqnaEm1PmzwLOGvLMSNnMI4HsLcYlsHx4IbcZpPZl0gtDsJAEp6hYr80GMNdiTRMFHJ9zw-Ncqpdm6uJYPy06FAH1gEnplVvWzHPW9h6iffGJzVzrArDqoirtn_ev4Oi0PPuOTBPqLsxM_a9T5Z2z1g&cs=67165922255680462805&slot=native&fv=1289&ts=1700502929481&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-4&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924324&cid=1166828&pid=169092&p=fTrHcE_tII-Uk6lQpqq0N7XYOUwiyHHXAbGriQaDfcHM7IWgHXHZHfMw_6EZVzP6HBTLhEkr8Pop-N7z_CjUQJE2Y4SWpfd2nFOX2Tj-cGG3SJ5AlFhqmc6ns30Ae_ZU83KkcU9XJbXYj7qXvNDSz40hfQCf6Gt9rNMk2IfScBpPFXGLyrIQTM2fJr7Nc_jqGofMUkACUcr-CkPewMhg5bkapkKnvCpXQo1cXNq6GGd0h8kyGJ2vq6owoBda6ENd6_-NELwzxAUjgxnC4uu6P7i6wM5MEzeiuTpWedBaKLBFrB9wf4GwHN-tU8CB86f62LTEFGbrHh7RwQO_t97PtK-Ujmw_81KlIxqtHSqIhF2O0w&cs=-816923987766018527505&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 53E0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45605695&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a521cc94886d44f5bc848f7ce3be3d9850bb94e61164636f6a48bd4b7f9b15ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 17:55:28 GMT
content-length
1582
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 63A2 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:29 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame B427 		0
0
i.match
s.tribalfusion.com/z/ Frame 0422
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82929071be041905-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
829290706caf1905-FRA
content-type
text/html
date
Mon, 20 Nov 2023 17:55:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
50
Pug
image2.pubmatic.com/AdServer/ Frame C493
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ba76dcfba2bc712b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=dfd943413036012a42a6214e39ed5eaa&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhgTUQjMhgXhjTbXh&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhgTUQjMhgXhjTbXh&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 17:55:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhgTUQjMhgXhjTbXh&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame EEF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 17:55:29 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 7F51
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:55:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 20 Nov 2023 17:55:29 GMT
expires
Sun, 19 Nov 2023 17:55:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E008A0E856F74B93B76C7D7DD89451C8&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 78F5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5010962321
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5010962321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 20 Nov 2023 17:55:30 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Nov 2023 17:55:29 GMT
etag
RXb4879de7e00d4b6ea06c9b9fe28f40f1003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5010962321
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 6E9F 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 17:55:29 GMT
mw
mwzeom.zeotap.com/ Frame 53E0 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
829290705f981e55-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 53E0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:32 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:32 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 53E0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0EEE9F33-73DF-480A-9608-D3FAFC50B39B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:30 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2393 		47 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93201446&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 17:55:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 8AFC 		47 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10693931&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 17:55:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame D9D3 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:30 GMT
Expires
0
Pragma
no-cache
0EEE9F33-73DF-480A-9608-D3FAFC50B39B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame C22A 		0
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
829290712ee4363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:30 GMT
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame FF0F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 17:55:30 GMT
Expires
0
Pragma
no-cache
0EEE9F33-73DF-480A-9608-D3FAFC50B39B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 3AAC 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0EEE9F33-73DF-480A-9608-D3FAFC50B39B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
829290715f39363c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:55:30 GMT
server
cloudflare
vary
Accept-Encoding
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700502930312&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=1661353112&tz=60&viewable=true&ddast=V8IekCLAYowzCl3SrXrBJQhmFKu1WuWS0AAABgYID-AIk5bLaFy7RbKwbDwVq02CzWEt_E4pZZFobdZDGaeFamISAxh822cJl2a8VgOFiLFpvFWuKbWNwyy8KwmyxGE8_KNAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AY-aDodPte9Xvf73SU-z1zj9yv8YofdrXg97G7N6y09up5uqdPuc-teb4nL6RY6nG7Jy24Xmt5mOwAAAAB48P___w8BAAAAIAIAAACABAAAAAAKARX-LQhcAAAAAMDw____rwHgmQOBuCx3fwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiBBb9Iwi83YikQLAIowAAAAAtDB4qx6ZpBNULKr8___3WwG4AgAQsNj-fTaURXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjvXCmmA3HGl1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJxsbAuTxTKaOByuwXLlm0xMI49jN1wMJxbnyuU97NSCzuyJCJd9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMy4GM1Gq8VaY_Lt1qKNy-KWmFYmt27lsG2cu4nLMFu5Ra-P6eNaTTaDhRcJBhDtRfK0SCcSm8thGaxGHotzttwYlyOLxTIzTpazyWzh3G12E7FEc7JIJ7LLvjjZ2BYmi2U0cThcg-XKN5mYRh7HbrgYTizOlctfMy5Gs9FqsdaYfLu1aOOyuCWmlcmtWzlsG-du4jLMVm7R62P6uFaTzWDhb-wGg9VgspxM9o3dYLAaTJaTyb5DZ_iuPmejsqySfFwSnd-yrdWcBoXLYPG-1KfzsGAsWH-fo9NnGyo7O6Pf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wix12t-L1sLs1r7f06Hq6pU67z617vSUup1vocLolL7tdaHqbLWKJ4HSRTkQv4-mi_qMGWs0Vk7lkMpkrdoNVAgAAAAAAAACwBNNMNwEAAABwMqjhZrhYrdPBTGaTwW61XAAXQVm6gEEAAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx2-wzglir1bIGAAAggA0AACCAm268CQiL4v7____HAQAAkJFDDwAAgH4fENaBK4VeOBK_gtgsJpv9A1Ah1mq1ut1Yq9UKSEDL1WoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!pl148380-820_vC!uf1p_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b56f04aaa28d1fa28e8fbddbd8ff8472315cc8f0a603e2a354514e5e932bb5f3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 17:55:30 GMT
content-encoding
gzip
server
nginx
machineid
1460
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-5&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924324&cid=1166828&pid=169092&p=0yMjpuM4EOJIiI0WJe6ACm4Wk-PUS3uXJq0e_cokJfXtFW9AmOSEE_i1mTiSnhj_d0Vvzuwl9ins3enetNLd9lU-Akl36wPvPBCAx8ntgk0CtSGS3EhjYWJminHwOBeO2Zx_kIHzDAxDPz61LhH8I7mPu-9NiixwjvPgT_i6qa2-wBCQxn8ZcouPJP2OJkKiAqkdXup7AAw3_iJox9fYj_FR0qSpdM--5hXhvZHK579ErcmNj0XFggyNDxUB48TRPiRgVwQlzcoEatfv7iV9-IUofjcn_nkJ2vMiZVqUzY9mfx6kMdGU6zp_LPFm_zSnUTmrKzWmd-Y0e_6SYhMNjplMoVF-zkLtEWjAifAgSAWRgQ&cs=429816125576463487405&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=firstQuartile&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&cph=00:00:05.158&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924326&cid=1166828&pid=169092&p=1izXHtcliI2XpZY2ADLtW94-5_QVHWCt2FarlAMWLx9f0yygHSgGMJVYaeHwfp2teLzX0Dszx9GqvKVc9B1oJaeg3f_BQ_oHIoqh9Cdnn0lU6TUc5zl7uWr4ZvJr-Vd37HAfrSNbDuxJiPdQb1RtMNWPOvUEPaB9mBFHpyg8O0SrUefSoLkZFazMR-FPipl4UP0vnTzygn9uDsbxoVfxAZ1KpzWwKh3ozCxSs33lEntgQwdfOaeJGOQGSg9rlCm6jgsartlxGeXf3TBdIPUcHEl7Qe9hDCAknkvVc13CVS3I_khbhJu7UR4c3fm8kFcFXE6hUSBFaGo_z0liXVwg6gBMZzUo3Xl8hEY0Hl_7Hm8kZw&cs=-808650222379065167605&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10143&tvi50=13123&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231120-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
72
date
Mon, 20 Nov 2023 17:55:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69008
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1700502931.837735,VS0,VE72
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
track
t2.teads.tv/ Frame 36E3 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=progress-6&vid=c0f93223-cbb5-4583-97be-40ac58427f7e&gid=1103884&studio_cid=5602f1b0-7fd1-11ee-9ad6-af8e8bf56c89&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=2642f968-99a2-491b-8fcd-9ce3071cc418_6dafd43c-8f4c-4923-b6c1-265cd87be2ce&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700502924324&cid=1166828&pid=169092&p=OPwmf_fPD8SMCJUgfQZ498VP3QWfzwbSa1EAvtjYXxEzNj5aFtcI7xj3BzOL3g57Ze8Zw6RSKVFTB9Vod8mptTo7LRG346VtdcTIu6ISf3P8zM1C89mvGUNAxC1y_yf_Jx1EOdN_Cxml1vFb36hXo0rakqf8niM5ZUqQIzocxyhPNFjJDXY4aZFkaHNU7M9dKuHhfgohbnDRzO62o06h_XwPhNL0ZQ5P0M7lQWdGHRWTysHtIHGl97e61L2ev3GK0YqSg7yr4gwincAxlZVGYrCZ0XrrtznKHPL1dlDwhx-zHhgQoouVvG-PD6TYKHe_cy_y42FpWI8W6HMdPHYOFUKLo0xYb2-5L7ro9fObBiY_SA&cs=-643682001434483439605&slot=native&fv=1289&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flan-quan-su-zhui-jing-wu-bei-hai-ren.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lan-quan-su-zhui-jing-wu-bei-hai-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 17:55:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 53E0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:55:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/25ab013cc209caf846a057d055993da6.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0362872bf1f09a34ec3bf0c6e6b876e1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/228d7b576326ee3f6d73f3d57350f942.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a3bee0792a70f187e049b8c86d2a8742.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/85eda784e59507da4a13ed75e98a44b8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e501a6e91757a4f235143441cd9d10db.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6bf5ad652007bd29027e25d245fb5121.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e321bbdf3eb782802f56fb714a5b8a2d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/fb1b883a5ccc78e3867c489b5b0a73b4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8618fec15820ef2d8116a66a1501306c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/c454f9fd145ccb8483807508df6cb111.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/b4f53ecef0c48ed360f94000b96f3f3c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7b0ceb7843f8fd8457fe51866ce294af.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/4120a2b5f6ee313cb7d5a75b32e401e6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4a532341115027cf5d70b53edc9bb8ac.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/051214e0ed6f4e9bcb1cb206d62fb23c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/19133474208ae957124467ab31d87274.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/267882ed1ec73d9f83e9b3495a64a631.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/a17a0fe8b3d356f8f0d385c771b67b9b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6f4f14fbc54fbe36193c56e5801ce169.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dce482ca02ea5e525a6b031513458287.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dc8b12cf3f577f406872d76ea73f2a56.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/f070e9b01ef90c35da1dc0318e3d40bb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/22c7a3d7bfc264b3ec10e191db5f288e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/2365b7a8def725548b7bd239fdad6618.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1852d8399f79b11a054cc204c95aef9f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/035d34ab641e15175295c77d96d7a7ed.jpg?w=150&h=100&q=100
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMYO8IYq_wQT-6sIwp8p1iQ&google_cver=1&google_push=AXcoOmQnBnQlsapz7-jD4ULN0MwpZp7Vk97cohqhcY17NqwIemAumd25_17ddW3PUzPThOS0RaHaNg035jQMje0SEdVoRbvXTwO7GqeuYvAdzirNiAsusf8f0oW9rjb-Ldn-4nDqlLSTI5owwcg48S5ohSRO
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| adRecover object| ggeac boolean| google_plmetrics object| google_js_reporting_queue function| setImmediate function| clearImmediate undefined| google_measure_js_timing number| google_unique_id function| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| aries function| _typeof object| TRC object| _tblConsole undefined| msg object| google_reactive_ads_global_state object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| Criteo number| vidverto object| regeneratorRuntime object| aries_registry object| ucf object| request string| paramsString function| quantserve function| __qc object| ezt object| _qoptions function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| inViewWindow string| nam object| placementData object| vidvertoPromiseCache object| closure_lm_559919 function| VidvertoPlayerVideoPlaylistUI boolean| noPreviewPage object| closure_lm_182884 object| cmTag object| closure_lm_143352 object| _cm_wfCounters string| lastWfUrl object| google_ad_modifications object| google_prev_clients function| Zepto object| Backbone function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

210 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDFFgoJCP____8HEM8W
i6.liadm.com/s Name: _li_ss
Value: CgA
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700502922.DDA8030365884F990108D26CC10A025A.1.1.1.1.1.1.1.1.1
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700502922.1.0.1700502922.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1495016026.1700502922
.statcounter.com/ Name: is_unique
Value: sc12918656.1700502922.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700502922869645009
www.bg3.co/ Name: __AP_SESSION__
Value: 9b3af1f3-1648-4df6-aaec-dfc9487851ed
.bg3.co/ Name: __gads
Value: ID=64727a1b3b6791b0:T=1700502922:RT=1700502922:S=ALNI_MbTuRTxEgzBi-4MYZqMz2mSXpRONg
.bg3.co/ Name: __gpi
Value: UID=00000ccecb505047:T=1700502922:RT=1700502922:S=ALNI_MbkLTSGqPPAbGpZDYJAgWlWY4m6sQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkjkdTZspb99JEYg4m1CPghM1GfH76GYzJWl80yHxDScmH1foyeMFRf1zdobJA
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 68bdeb80-a8ec-40c0-8bf8-2abe6f99face
.openx.net/ Name: receive-cookie-deprecation
Value: 1
ad.vidverto.io/ Name: moxuuid
Value: 30c62474-6efb-4d74-9543-7ea0e83e191c
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_imp[24632][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[24632][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1700589322
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1700589322
.prebid.a-mo.net/ Name: __amc
Value: 1_1700502922_1700502922
.omnitagjs.com/ Name: ayl_visitor
Value: c814af3fca392caadea7b3526a348498
.bidswitch.net/ Name: tuuid
Value: e05e85ff-7eb9-427b-9938-7e0525b78b11
.bidswitch.net/ Name: c
Value: 1700502922
.bidswitch.net/ Name: tuuid_lu
Value: 1700502922
.rubiconproject.com/ Name: khaos
Value: LP77J8SG-1V-AUHK
a4p.adpartner.pro/ Name: apuid
Value: 4d7b4bec-080d-46ae-b75a-1b18da32d324
ad.vidverto.io/ Name: adpartner
Value: 4d7b4bec-080d-46ae-b75a-1b18da32d324
.quantserve.com/ Name: mc
Value: 655b9d8b-0aa5d-88a81-b8253
.bg3.co/ Name: __qca
Value: P0-2048840126-1700502922895
.criteo.com/ Name: uid
Value: 03756b21-2b69-45ce-9f52-1d1a26c25b03
.teads.tv/ Name: tt_viewer
Value: c0f93223-cbb5-4583-97be-40ac58427f7e
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.admixer.net/ Name: am-uid
Value: 22f885999f4c4152a9dac6be57f131fa
.aralego.com/ Name: sspid
Value: cc1bb804-005f-39bb-8c3a-2d43edf42de3
ad.vidver.to/ Name: bidswitch_com
Value: e05e85ff-7eb9-427b-9938-7e0525b78b11
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df8146451-cd77-4ceb-b4ed-7ea6c97be06e-tuctc55230a
.aralego.com/ Name: euconsent-v2
Value:
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700502924.1.0.1700502924.0.0.0
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.linkedin.com/ Name: bcookie
Value: "v=2&4aafda03-48a2-4592-8b63-1844e2bad7d4"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDA1MDI5MjQ7MjswMjEcb13hwaGrZ+bJdfVw6DALD3GThJfZDlczu5PfGjIk3g==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2773:u=1:x=1:i=1700502924:t=1700589324:v=2:sig=AQHe4GyK9uASDg6RpZhBxNsSnxVJWGeX"
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2C%ulV^F0!]tbP6j2F-.aDabByFnKcfLvUlwlstC1Yh*k1pirBK/])b5e^`%v4VB%nmt!(][Sz
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQNzdKOFNHLTFWLUFVSEsiLCJleHBpcmVzIjoiMjAyNC0wMi0xOFQxNzo1NToyNFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0yMFQxNzo1NToyNFoifQ==
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 7556108170959009897
.yahoo.com/ Name: A3
Value: d=AQABBIydW2UCEPHM7s7JHXHPsNBomC3e1QAFEgEBAQHvXGVlZQAAAAAA_eMAAA&S=AQAAAnDouWrsZvBgbFE19nmYzXI
.connatix.com/ Name: cnx_userId
Value: 14e58de4ffc042f6b7be4fbceaf54f85
.bidr.io/ Name: bito
Value: AADxMk7KtzsAABQONn-9lA
.bidr.io/ Name: bitoIsSecure
Value: ok
.agkn.com/ Name: ab
Value: 0001%3AzCl6mA9Kq5FQ%2B1i2%2FnSNnPiET0PvMgnO
.www.bg3.co/ Name: _im_vid
Value: 01HFPXYVCW3RJCWMGFZB9WK5B4
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1700502924701
.tapad.com/ Name: TapAd_DID
Value: c0e92296-4086-4b29-81a2-5c7c48ac5657
.krxd.net/ Name: _kuid_
Value: P7XazJvN
.amazon-adsystem.com/ Name: ad-id
Value: Ay5qgpbynEsLo20xQj-T084
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bluekai.com/ Name: bku
Value: m3X99/05VtPyxd9C
.bluekai.com/ Name: bkpa
Value: KJy9R9Y4d02pSUHknpx6meDTwtkAwV1yjMAp1M/pnVBiRMD+BeDT1068BtJknExyRV1Nmex0BtRljP2k5P2MSYjLSVNo5e6hJZ5AzcJ4Rt2rztPr5e6ZUlx21Ezy1eDy1MA0BexhBQ19HJxz9y==
www.bg3.co/ Name: OX_plg
Value: pm
.openx.net/ Name: i
Value: a7a92d47-8ed3-0618-221d-4dd2c956f0ab|1700502925
.casalemedia.com/ Name: CMID
Value: ZVudjV.RVDLcnq5IycOZiAAA
.casalemedia.com/ Name: CMPS
Value: 1155
.casalemedia.com/ Name: CMPRO
Value: 1155
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e413978ebb529a58
.gssprt.jp/ Name: gid
Value: 685e4fbe9f8e4c6477e0de6be4412b8e
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-20T17%3A55%3A26%22%7D
.genieesspv.jp/ Name: rtbhouse
Value: 0
.genieesspv.jp/ Name: yeahtargeter
Value: 0
.genieesspv.jp/ Name: gid
Value: 685e4fbe9f8e4c6477e0de6be4412b8e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0EEE9F33-73DF-480A-9608-D3FAFC50B39B
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_337
Value: y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
.servenobid.com/ Name: pid_312
Value: 7556108170959009897
.servenobid.com/ Name: pid_339
Value: y-utkNefFE2uGPfbWxpgyT5uwMASKB3_fV5jTW5Lc-~A
.smartadserver.com/ Name: pid
Value: 4304418943288873880
.gumgum.com/ Name: vst
Value: e_d2f505d1-aa12-4125-af2a-32513a5bd3c9
.servenobid.com/ Name: pid_333
Value: ZVudjV-RVDLcnq5IycOZiAAABIMAAAIB
.go.sonobi.com/ Name: __uis
Value: a3755448-e6af-471d-b6cf-ab36a788ad65
.go.sonobi.com/ Name: HAPLB8G
Value: s86199|ZVudk
.adform.net/ Name: uid
Value: 8486070677431234590
.lijit.com/ Name: ljt_reader
Value: HsGTsRZH2hLJHmrASH6WgUUw
.sitescout.com/ Name: ssi
Value: 003f57a2-8ddf-49e0-bc1d-3fd828698a74#1700502926567
.servenobid.com/ Name: pid_332
Value: 4bdc22aa-a15c-4535-b338-bb9abfaaf84b
.turn.com/ Name: uid
Value: 2736676649113416841
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_353
Value: 0000EEA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSwNLS0MDMzNBPiM9QttvQKzMryLyzxKM8FAMyoYSolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSwNLS0MDMzNBPiM9QttvQKzMryLyzxKM8FAMyoYSolAAAA
.adsby.bidtheatre.com/ Name: __kuid
Value: c5d70d9a-daba-4f1a-8c27-d6dba23af512.469716926
.csync.loopme.me/ Name: viewer_token
Value: de23d351-6c13-4ca4-8c6f-70b306f98092
.minutemedia-prebid.com/ Name: wrvUserID
Value: qrt-KJz-kj_mm
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.servenobid.com/ Name: pid_310
Value: HsGTsRZH2hLJHmrASH6WgUUw
.servenobid.com/ Name: pid_309
Value: e_d2f505d1-aa12-4125-af2a-32513a5bd3c9
.audrte.com/ Name: arcki2
Value: ed5Kso4dh-9Rdelj2DeMVJHXA!20220908!1700502926725!ip#45.12.222.170
.metadsp.co.uk/ Name: ruuid
Value: a34ad13c-40c3-4dad-9df6-e0b0a9537f97
.metadsp.co.uk/ Name: c
Value: 1700502926
.metadsp.co.uk/ Name: ruuid_lu
Value: 1700502926
.quantserve.com/ Name: d
Value: EM8BEQG8KvijCJiTAA
.contextweb.com/ Name: V
Value: T7JJaSR3mFqu
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4bd2ea1428ec139d
.creativecdn.com/ Name: u
Value: REiK7GycIaoVEheLZ1Bp
.creativecdn.com/ Name: g
Value: REiK7GycIaoVEheLZ1Bp_1700502926790
.creativecdn.com/ Name: ts
Value: 1700502926
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-07acc685-4430-31cd-88b7-42efcc982bbe
.servenobid.com/ Name: pid_348
Value: qrt-KJz-kj_mm
.audrte.com/ Name: arcki2_pubmatic
Value: 0EEE9F33-73DF-480A-9608-D3FAFC50B39B!20220908!1700502926819
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2f5t:19e0~2f5t:196n~2f5t:175w~2f5t:18z8~2f5t"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003%22%7D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDUwMjkyNjg0MSwiMjQiOjE3MDA1MDI5MjY2MTAsIjM5IjoxNzAwNTAyOTI2NjEwLCI3IjoxNzAwNTAyOTI2NjEwfQ
.adfarm1.adition.com/ Name: UserID1
Value: 7303604453951010958
.servenobid.com/ Name: pid_316
Value: 0EEE9F33-73DF-480A-9608-D3FAFC50B39B
.yellowblue.io/ Name: wrvUserID
Value: lhtzdJzzkp_s
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: dfd943413036012a42a6214e39ed5eaa
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSElLsTQxNjE0NjA2MzA0SjQxSjQzMjRJNbZMTTFNTUxkAILU6Ll9IBoKAEfbCok%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIjZ7bB6SgAAAXrQHs"
.gsspat.jp/ Name: gid
Value: ef5a6cb8f6f6993411e2f080255de18d
.weborama.fr/ Name: AFFICHE_W
Value: d7sfoTRNtxt335
.mathtag.com/ Name: uuid
Value: c49f655b-9d8e-4800-a653-2936d3d2309f
.ctnsnet.com/ Name: cid_7a554046abe646aeb3e0feaac6bdf950
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVudjgAAAXy3YwBH
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_ef5d5f7d-0abe-48db-b904-0b4350188783
.360yield.com/ Name: tuuid
Value: 6f138580-fc19-4d0e-b133-6e8a01315029
.360yield.com/ Name: tuuid_lu
Value: 1700502926
.de17a.com/ Name: guid
Value: 1.5492443256410026847
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6&KRTB&19420-TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6&KRTB&22979-TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6&KRTB&23462-TxQahUBFF4VUEU6GTEUC30FAF9ZUQxfVTBKgdTO6
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433831091986616
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348&KRTB&23418-003f57a2-8ddf-49e0-bc1d-3fd828698a74-655b9d8e-4348
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA9SCScFkKwmReRalVxHNtM&KRTB&23025-CAESEA9SCScFkKwmReRalVxHNtM&KRTB&23386-CAESEA9SCScFkKwmReRalVxHNtM
.audrte.com/ Name: arcki2_ddp2
Value: ed5Kso4dh-9Rdelj2DeMVJHXA!20220908!1700502926972
.servenobid.com/ Name: pid_321
Value: RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003
.liadm.com/ Name: lidid
Value: 890217f6-ad11-4137-8fac-cf263304fa57
.adx.opera.com/ Name: UID
Value: OPU991f4db496004d1198f04dae1ab2189e
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7303604453951010958&KRTB&23369-7303604453951010958
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7556108170959009897&KRTB&23339-7556108170959009897
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e05e85ff-7eb9-427b-9938-7e0525b78b11
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8486070677431234590&KRTB&23263-8486070677431234590&KRTB&23481-8486070677431234590
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c49f655b-9d8e-4800-a653-2936d3d2309f
.servenobid.com/ Name: pid_352
Value: lhtzdJzzkp_s
.c.appier.net/ Name: _auid
Value: h0w6yiNGBI6SGBXcjp1bZQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2736676649113416841&KRTB&23150-2736676649113416841&KRTB&23527-2736676649113416841
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAI2Tx6LN5eNwMDiSC0AAAAAAA&KRTB&22713-AAAI2Tx6LN5eNwMDiSC0AAAAAAA&KRTB&22715-AAAI2Tx6LN5eNwMDiSC0AAAAAAA&KRTB&23519-AAAI2Tx6LN5eNwMDiSC0AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU991f4db496004d1198f04dae1ab2189e&KRTB&23485-OPU991f4db496004d1198f04dae1ab2189e&KRTB&23524-OPU991f4db496004d1198f04dae1ab2189e
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5492443256410026847
.audrte.com/ Name: arcki2_adform
Value: 8486070677431234590!20220908!1700502927143
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03830925-5fbd-53b5-664e-ae7b9fb83269.L4hQV8VIw8EKT8glRFoNj9pc5RypgekBv4OO0js89aM
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03830925-5fbd-53b5-664e-ae7b9fb83269.L4hQV8VIw8EKT8glRFoNj9pc5RypgekBv4OO0js89aM
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA4MJJV-9U7VmTq57n7gyaS0M3qo.T6yTx1Swc4qBkd637cTf570p%2FQ1GfDrD%2FmaEfXnrppU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA4MJJV-9U7VmTq57n7gyaS0M3qo.T6yTx1Swc4qBkd637cTf570p%2FQ1GfDrD%2FmaEfXnrppU
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqL+WB2VfyCp1qbBgMWySGKnddJL2ro2586sr7aMhMzQXsj3c0yPOK2X6utJr3FpsEhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.ipredictive.com/ Name: cu
Value: 6f9fb69c-cc3c-4eb1-af48-4df4f3202324|1700502927121
.gssprt.jp/ Name: lamp
Value: ef5a6cb8f6f6993411e2f080255de18d
.simpli.fi/ Name: suid
Value: E008A0E856F74B93B76C7D7DD89451C8
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o3o|7dN.0.AADxMk7KtzsAABQONn-9lA|7bq.0.1
.smartadserver.com/ Name: csync
Value: 124:de23d351-6c13-4ca4-8c6f-70b306f98092|127:AADxMk7KtzsAABQONn-9lA|141:ed5Kso4dh-9Rdelj2DeMVJHXA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-A4MJJV-9U7VmTq57n7gyaS0M3qo&KRTB&23334-A4MJJV-9U7VmTq57n7gyaS0M3qo&KRTB&23417-A4MJJV-9U7VmTq57n7gyaS0M3qo&KRTB&23426-A4MJJV-9U7VmTq57n7gyaS0M3qo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIG9h9SBVf_UoaBZUzr3fhVbdX4sZ_iezvbcAHKY50EQCEHwYBCCPu-6qBjABOgTwi70wQgTNnS9y.sgQwL3VbBC%2BZKp9hjxKw7A3SMvV1%2Fw2m9hhJ7na%2Begc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIG9h9SBVf_UoaBZUzr3fhVbdX4sZ_iezvbcAHKY50EQCEHwYBCCPu-6qBjABOgTwi70wQgTNnS9y.sgQwL3VbBC%2BZKp9hjxKw7A3SMvV1%2Fw2m9hhJ7na%2Begc
.servenobid.com/ Name: pid_323
Value: LP77J8SG-1V-AUHK
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E008A0E856F74B93B76C7D7DD89451C8&KRTB&23486-uid:E008A0E856F74B93B76C7D7DD89451C8&KRTB&23489-uid:E008A0E856F74B93B76C7D7DD89451C8&KRTB&23539-uid:E008A0E856F74B93B76C7D7DD89451C8
.ads.stickyadstv.com/ Name: UID
Value: c6d8935b5dc6c4566981db2abad11
.audrte.com/ Name: arcki2_smart
Value: 4304418943288873880!20220908!1700502927286
.zemanta.com/ Name: zuid
Value: 0G-e-Z_GRiozPO66r74s
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADxMk7KtzsAABQONn-9lA
.gssprt.jp/ Name: appier
Value: h0w6yiNGBI6SGBXcjp1bZQ
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.openx.net/ Name: pd
Value: v2|1700502926.1|iyvQgevNgun0.j8vSgqwksLiSmOsfnswL
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgamBkaWRmbmm2C4lvbmZi_AtZ3szIAAAoRuJQMAAAAA
.socdm.com/ Name: SOC
Value: ZVudj8Co8YsAAKnMWpkAAAAA
.dotomi.com/ Name: DotomiTest
Value: 78699dcae0ac18e8
.blismedia.com/ Name: b
Value: 655B9D8FD6523D07D2ECFAB4BLIS
.pubmatic.com/ Name: SPugT
Value: 1700502928
.pubmatic.com/ Name: DPSync3
Value: 1701648000%3A226_219_197_201_245_241_235_227
.pubmatic.com/ Name: SyncRTB3
Value: 1701043200%3A223_2_15%7C1701648000%3A3_55_249_234_7_54_8_46_243_214_254_165_56_21_264_81_251_13_161_71_88_233_238_176_99_166_196_22_220%7C1703030400%3A203%7C1705622400%3A69%7C1701302400%3A63%7C1701734400%3A35
.ads.pubmatic.com/ Name: KCCH
Value: YES
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b4879de7-e00d-4b6e-a06c-9b9fe28f40f1-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 158810:4
.onaudience.com/ Name: cookie
Value: ba76dcfba2bc712b
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: 64635a8d-1990-4869-4704-474ead2bce53
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700524530061
.semasio.net/ Name: SEUNCY
Value: D23BAF07309278CB
.smilewanted.com/ Name: sw_user_params_infos
Value: mwyDU1T%2BlY5XRNEEti2t37S83a1frKZk%2Fl%2B1VtJxZhuP%2BpKeXm%2Fgx2cvnsDFcEP6D4B1%2FZ0MZHEegK%2F72y7B5h1O01W7u55%2BzTPBEGk6aIfQLyn24LLYZqXWIk%2BVRne2zvGQ3TeKLOJ2IJmscHu7xG3qdO4KQXhxBiwYvEbLVus8xfWywDLCPDut%2Fq5%2FoH8zqXo6VpeyMzvEpIiIJUJnoD2wSVOLC4IlNkvi9Ng03PsGAYNFGKHkr637Ff76WlJVHGBdK6YsH3uF5v21DLy3xnH0%2F9kQSqJZH8kOCGMCXHefDmbwMrn4dtx31e%2FVJaX6dd0bW6zUYovvPc198ZVZMzmZUQUmXKJbyLE6nx2bQPSC%2Bgg53TnbAIIeDmM793psMQojWUtoxa0m%2FmkXK8Du2w%2B67PWlU5UIsD2rzPWyE11XQUJADYJlzYTp32IPGLhK7vKjyjljDnlkA1dYKT8YwQOsgWVdTX3gXZcI9udxAey8SKHN84vCj5DkCmh%2FQBc5
.onaudience.com/ Name: done_redirects104
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aSntuJN3IdaSIdwFTkVRGlUd7gBsn2pgmMC7QF1ZcUqusrk1PvZbMVfe0RLHlrggmPEQZa2rRFjigUGLQmEZc2mVScpZb
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhgTUQjMhgXhjTbXh
.pubmatic.com/ Name: PugT
Value: 1700502930
.servenobid.com/ Name: pid_317
Value: 5881583165477360456
.servenobid.com/ Name: pid_324
Value: 5133329528908106811

35 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/8618fec15820ef2d8116a66a1501306c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6bf5ad652007bd29027e25d245fb5121.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e501a6e91757a4f235143441cd9d10db.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/fb1b883a5ccc78e3867c489b5b0a73b4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/25ab013cc209caf846a057d055993da6.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a3bee0792a70f187e049b8c86d2a8742.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e321bbdf3eb782802f56fb714a5b8a2d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/85eda784e59507da4a13ed75e98a44b8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/c454f9fd145ccb8483807508df6cb111.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/051214e0ed6f4e9bcb1cb206d62fb23c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/b4f53ecef0c48ed360f94000b96f3f3c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7b0ceb7843f8fd8457fe51866ce294af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4a532341115027cf5d70b53edc9bb8ac.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/228d7b576326ee3f6d73f3d57350f942.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dc8b12cf3f577f406872d76ea73f2a56.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/a17a0fe8b3d356f8f0d385c771b67b9b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/267882ed1ec73d9f83e9b3495a64a631.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0362872bf1f09a34ec3bf0c6e6b876e1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dce482ca02ea5e525a6b031513458287.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/22c7a3d7bfc264b3ec10e191db5f288e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/2365b7a8def725548b7bd239fdad6618.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6f4f14fbc54fbe36193c56e5801ce169.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/f070e9b01ef90c35da1dc0318e3d40bb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/4120a2b5f6ee313cb7d5a75b32e401e6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/035d34ab641e15175295c77d96d7a7ed.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1852d8399f79b11a054cc204c95aef9f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/19133474208ae957124467ab31d87274.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvbGFuLXF1YW4tc3Utemh1aS1qaW5nLXd1LWJlaS1oYWktcmVuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://idsync.rlcdn.com/474599.gif?partner_uid=c0f93223-cbb5-4583-97be-40ac58427f7e_ch&cv=&_t=1700502924416
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMYO8IYq_wQT-6sIwp8p1iQ&google_cver=1&google_push=AXcoOmQnBnQlsapz7-jD4ULN0MwpZp7Vk97cohqhcY17NqwIemAumd25_17ddW3PUzPThOS0RaHaNg035jQMje0SEdVoRbvXTwO7GqeuYvAdzirNiAsusf8f0oW9rjb-Ldn-4nDqlLSTI5owwcg48S5ohSRO
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16df40c7387f574a836dc77d62300e82.safeframe.googlesyndication.com
69d8865750481cae990fdef0482a216f.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.chocolateplatform.com
cs.gssprt.jp
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.c.appier.net
g2.gumgum.com
genieeintl-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
i6.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
studio-t.teads.tv
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.teads.tv
t2.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
cs.chocolateplatform.com
static.bg3.co
sync.adotmob.com
103.231.174.251
104.18.36.155
104.20.218.77
104.22.69.131
108.129.5.53
124.146.153.160
133.186.12.14
138.201.63.117
141.226.228.48
141.94.171.213
141.94.171.214
141.94.240.143
142.250.181.230
142.250.186.162
147.75.84.158
151.101.1.44
151.101.193.108
151.101.193.44
151.101.2.49
152.199.21.70
162.19.138.83
162.210.196.208
162.55.120.196
167.235.184.171
169.197.150.7
172.105.232.22
172.64.146.152
172.64.149.180
172.64.151.101
176.9.26.250
178.250.1.9
18.184.223.197
18.196.139.135
18.197.219.206
18.200.168.98
18.211.228.116
185.106.33.48
185.132.133.133
185.132.133.134
185.165.240.175
185.184.8.90
185.29.134.244
185.64.190.79
185.64.190.81
185.64.191.210
185.84.60.20
185.86.138.150
185.86.138.154
185.86.139.59
185.89.211.84
193.0.160.130
195.5.165.20
198.47.127.19
198.47.127.20
2.18.160.23
2.18.161.51
2.18.96.187
2.19.100.239
2.19.245.101
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.165
216.52.2.30
216.52.2.86
222.230.178.129
222.230.178.32
23.197.120.249
23.35.229.56
23.50.131.73
23.52.120.246
23.97.225.52
2404:6800:4003:c05::78
2600:1901:0:e207::
2600:1f18:24e6:b900:3468:1b3e:b397:53a
2600:1f18:ed:550a:b33d:6afb:b084:e380
2600:9000:223c:6c00:6:44e3:f8c0:93a1
2600:9000:223f:2e00:1f:4c18:bd40:93a1
2602:803:c003:200::61
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::ac43:db6
2606:4700:20::ac43:47fe
2606:4700::6810:5514
2606:4700::6812:19ad
2607:ae80:4::26
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:801::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:ab00:2a3::26e5
2a02:26f0:c6::210:6568
2a02:fa8:8806:20::2010
2a04:4e42:400::649
2a05:d018:d29:3602:5079:1120:7dbf:7a0d
3.125.27.82
3.127.123.183
3.210.90.75
3.248.171.173
3.69.104.214
3.71.149.231
34.111.113.62
34.111.129.221
34.120.63.153
34.247.233.198
34.247.45.174
34.254.54.88
34.96.105.8
34.98.64.218
35.186.193.173
35.186.253.211
35.194.66.159
35.210.239.72
35.214.188.72
35.244.174.68
37.157.2.229
37.157.6.237
46.228.174.117
50.31.142.223
51.89.9.252
52.19.215.209
52.211.237.14
52.222.169.84
52.223.40.198
52.30.78.43
52.46.128.147
54.156.137.107
54.165.29.149
54.171.91.135
54.239.38.253
54.38.197.123
54.76.38.94
54.78.254.47
54.85.125.66
64.227.64.62
69.166.1.67
69.173.144.137
69.173.144.139
72.251.245.179
76.223.111.18
77.243.51.122
77.245.57.72
8.43.72.97
80.77.87.163
82.145.213.8
85.114.159.93
88.99.65.215
95.101.200.166
95.101.200.23
98.98.134.242
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056b6859039a6a9dc49ebda125892dc7b547dc3d24acb9084e3386afc6f376b0
06400005a34674afd7a6ed9c307e5265cb2960c3b77a6f44610605f31c4f9c25
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db656abfc577411c85919cec217339906cffcbe3a4441c545396a423ff29cf8
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
15b2f8d9675bc86d539ba6a103b0a721c74ce4a52a6ee7653f381edc910cbe74
15b9ca6b6d0820d6523564738a97ef47fad1fba7dbefb00a51ec90a129f6e8e9
15c90ca5a02935e447e871f069cab41f2d289f564fd712787f36b16fb2085835
16808931fd31ecc4652bf596d7589f8aa95e0381a1af873dfc5fe794b78d6c6a
1761dcff2a56f3339cec67c21b0bf8ecf9963079240cd2e299ca2980ca8f7f04
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1a86a46270d0b5a920fa25dc7f7dccc65f32132797db058bad70446cafe6af56
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1dc56bc71d7e8873ce928c79210ef7f477d53dae75fe44c7a2a1409972431da8
1de2341dcc701a1b5f992b44f6f6cc3dd701bd27121bb89e80b2fc711228347e
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f7f4a0529b66223363f490b911ed5ac74c14c422531334db65a25b421e20a9f
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
24f17264c3e3c2eab423df86b31b5b067b699fccd0146e057272d9d4ac4817a9
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2772e8943e933ab3021d340fed67437bfa5100635c7698e5dd45fcbd8637727c
2896abc8066f2e67bd76e461833ac770dccd35e99ac818e4fae239ef33058d9c
293fdccd7cb1892fdc8d3dad22f1b6237b77a80fbf3d4cc99d00bf668134ac83
29996083786b7c45a679db1d2ffc53bef4ea9db2722708a3394df912e6f08bd9
2a890242904e39037a5be5620fa7f17cf261eb568a430062005d3010d0aad3c9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bb0412226f0df813146c866fac8d17db602d887a286dbdeaa199192fa8dfbc6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
3575af1b659f79cf9f82ecccc15a2ce94a859c99692efbcb0074848abbe0ac47
3671e700641f99c067a69ea26ba0980b22773af7353f81893e1a0e11864a7c14
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
389fb19d31c281d68662cb4951310aa5f27a75794d937465dfea0d4ad86f85b6
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6709892abf725d0c0afe99541b81af7b7a5da9c7e8d316f4adda232b2f90bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee272847b22d581cc73ef77124a45ad6abc679ff37c4f62cd9adf7f747c4447
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40740068f4e328444d777b937759990a9701c278d9c714a300e4e837f98d7abb
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45493046401d899523e4fa6ed2b1ae83d152e5c0498956b0fcbfa629f9bb7b79
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
45c456cf0ac5658c4f8012b1640ee09d1c83a478bc7608ef9fc24301bb2a42d5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471b483d5fb65c70991fefb9de0d3945f5d6c98d064ee0e1f83265d93452008d
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fc32e6fc403d791b614e173174cf80dfabf2c4a9fd3e4f8c58134c19a1248e8
527f6689bb0f30fd94ec2800fecb9380e14e47975e1f323c05facf57f2e92e5b
5281ea752a8ef414d8534d1da986963f250afeeff3635abdfa79e203d7d62550
54ddabbadefd72b65defd6390140b6898251b5c08e6f74afd6bbedafd45c08b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
589e150142e83e2f29f2e50f019196f98e4546abdc0e94a6a15e0461dd2d8bdf
591f9da9e69f2c310c1bfe78be2d8dc10fef75424694bb07adf1875a44b99171
5aa1990d22212c266daa5670b32102cebfc454edf9eee131a01971896eb15b2e
5e288383c15c23ae3e707f0c636164cd7ebed478757670bfd458e490fd5eeec0
5f0ef62cddded47abd6895676cdb175db269326371dbe4457f4fa55d8bf541ec
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5fe8352f202b554ab7f2b5f7227faab2cd2bcb35412e138cf88e3adf9ec6c75a
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ec37ffa239684177bf384bf9e9f55f5e90846a6d717fa150ad58eba280579d
6229c19b4fa9b6dae1174e871867946c1fb7588c948eca2be40cdf2024b37995
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
6ad68b6d40b12b04ca7e377cb22de4c8aaf4e8832bb8f4ac3442140e846a6b4b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b2bc474d6c693fabb9c352b8651c6473df4def4e8f6661ce14ada2628e644
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e710f2efbf965a6b3cdaafe51ea36f8a9bf30d31420c308a48c940e8e0630a3
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74810332926baaa98d91b7a06c9cb5fbef0db3efc7eafaee6ca9b8bb4ffe3a19
748a5522d5084ac1d59405163d90409108d51c97132431a956f8168c5d22edcf
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7b3739b1ecad291016465b04a1577de84581699baa454127c054c1bf7ae6c432
7dacb1297f2e382c6e2d599a785cb0a54ac937db2230d779f0ccf60c04d359a5
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7ecb227998be6760d36fa8fa1dc6bf0bb7496e58a1f1fe4c8b721386b85c5a3d
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f0bdb7ae37c8ccaee69854f17a284402127c97781af17e4e4217fcb3ad1de7e
7f9fe91f97e210a22350246d9bd7a7f475f49a7b5acab0b3d52ff026187fbe41
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5
85bd3b229eb4b44da9f35adb073d1d7458bbf49e0a9d5ed1d655c406de69e1d1
85cf7828ee650555c6339a992cad99ce6774675bebc3733f0781e22f22fe3d0e
86e4b98204d528d5043d880521604b6a65816ab291b0a4996296a2b4d3065673
86ffc0479305f4f20aaf0a5e85ea2f561ef859edf9e4eae9ca0b1930a26f8013
871b439ce74940d2fb88d2fad9b0a40f3ee6e47c5a860b11a34d1d1455277fa6
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
87bede1a4975592bdc96dee08e1416036a02d028ebce4f0860e4d8f8e9d32be3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac867fb48b75af07ac3afbebf3b9fde603741d8c534f9dbaaa52ea5e1e2da15
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c
8bf0bb485209aa720105a837662ff63b117446cb8d9a14db8798faa51a2b83a7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e452f4ebff3437beab67c1ab37ea1331d0d801c65fed2ad9c6ca654bfb29280
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d
916f7174579c997adb979307592be6f203b2195c32ab542f71cfa85476dd9a8a
91d0c777a21fa697a3a6ad517e0afdbdaf096389102cbc4fd40dbfeff00a8619
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9747ec69ac8a41ea43575bffbbafc1e9b9c37ef2b3147fe45463c68af4189419
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9b7dc0f0f98ae79625c2028a3701c289c6c5d7451afa74fc3515b925eeb0ef67
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9fc31e925b7565e633d602d90767aa47dba2b8273e58fc2f1152ad5e89d7d9bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2124ca1971f9c744626c9bea60e5d861c122f83056e2885324523957c1a0026
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a521cc94886d44f5bc848f7ce3be3d9850bb94e61164636f6a48bd4b7f9b15ec
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
aba4433c326a47ff70fbf9ec973e6aed78cac71047de9f3820406147d344698c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adfc4dde77227582dc74c2beffb99dd7f03db37ed49846bafd1a9529b559a8ba
aefa500715240ffa5d13bf2166130a66e9bb71577df11ea08638433f39d4a448
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b34ab73d64bd5ccb5a2d786acbe9e73b8512d14f6867bceaa36d15e26769df92
b56f04aaa28d1fa28e8fbddbd8ff8472315cc8f0a603e2a354514e5e932bb5f3
b71c49244aee8a08da6c1e087b08f7beb18116f845d5f093ae29cf435e922247
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169
b92ac5f8330195f8ceb20716a7697119c25eba8fac591ba170b7bc5043b07c58
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bceeddf482d81d5d39b556f3916d9aa9b3d977bfd76a5e40bee84d0f9c793bbc
c00ab9d997786983dc74dfc8251f98c3b6208d795224cc67394784bdcab8fab0
c15f1d59737fd83228622836f14095c34e902c50564a25a3b0efb60464be6ac8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c240d086c01646f9f5ce652d31e71aadb74564b68e64f57a583c8e1cfb170246
c41ec1252544c0499598201307af43d7c0ad86adb1bd93fe6aa6acdf90ff1bad
c5b3ce82804d1dea649dd53d3f759b248b93dbf79ba457d851d4c27a9accac7e
c88dcc3456dfa875f7bc3c9e7e9cb7b2b05b5bde7208a79ac2e0a14b9f7c3128
ca68b6daa2f2d3bd83d991304e4cd227b83ef8e0fb345eb51dba1c7f36cd43ad
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0cc7bb53b6366a551e3994bdf3bc2787eb443193cd95841f12d957fbd58a5ac
db716f6345128256f52b92c6ac78496868965df6bb0d45fdfd147dfe381ea79c
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e322cfdfbc195424c8c3fc7a6149d1e4787ffda50b82f12d1850e60186655940
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd
e91e1c00096cc046bfd4493ac1bf9bc9307158ead80a371de38b311fec6f87ef
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef934b24218a6d9b7dd57b7a0241cecd8fb3899ee5ac35554dd462f997a252a1
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f355b894ea0006b2ffd1fccea5fec86b4cf9409bb7f221ae59ad7bfbe0618647
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6aed544adb61335dd2e7e3d09ce306553df707a4472d2125275be08cf8a5d11
f8913833832c54aefa08f4f8f97ddf46f3a77ccb27c74161346863a3001134ec
fb52a07e3f5f395e254717a4c71058af3b4ba1dee096bd1d745fbdf615d44f49
fbfa7bc007b1ed2be6c324b43d254e495b3df250870122557c2d7df1839308a6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8