urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu...
Submission: On October 30 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 15 countries across 130 domains to perform 627 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
39 151.101.65.44 54113 (FASTLY)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
7 141.226.228.48 200478 (TABOOLA-AS)
13 2a00:1450:400... 15169 (GOOGLE)
24 212.8.250.228 49981 (WORLDSTREAM)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 3 192.96.203.13 30633 (LEASEWEB-...)
3 151.101.129.44 54113 (FASTLY)
19 185.106.33.48 200478 (TABOOLA-AS)
7 51.75.86.98 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
8 9 35.158.220.250 16509 (AMAZON-02)
1 190.2.153.150 49981 (WORLDSTREAM)
6 2600:1f18:24e... 14618 (AMAZON-AES)
10 23.97.225.52 8075 (MICROSOFT...)
27 2a00:1450:400... 15169 (GOOGLE)
3 3 23.212.211.47 16625 (AKAMAI-AS)
12 184.30.22.30 16625 (AKAMAI-AS)
17 15.197.193.217 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 167.235.184.171 24940 (HETZNER-AS)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 52.18.191.233 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.77.250.56 16509 (AMAZON-02)
2 5 147.75.84.158 54825 (PACKET)
1 5 35.227.252.103 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
9 13 37.252.171.53 29990 (ASN-APPNEX)
10 104.22.69.131 13335 (CLOUDFLAR...)
7 184.30.21.51 16625 (AKAMAI-AS)
1 2 54.75.96.107 16509 (AMAZON-02)
4 9 172.64.151.101 13335 (CLOUDFLAR...)
1 18.196.140.247 16509 (AMAZON-02)
15 23 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 175.110.113.203 49981 (WORLDSTREAM)
5 9 2a05:d018:d29... 16509 (AMAZON-02)
5 6 3.75.62.37 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 209.54.182.161 16509 (AMAZON-02)
17 28 142.250.185.194 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 5 52.94.223.167 16509 (AMAZON-02)
7 7 52.30.179.44 16509 (AMAZON-02)
2 4 216.52.2.91 30282 (AS-INAPCD...)
2 2 52.23.134.172 14618 (AMAZON-AES)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 23.48.23.4 20940 (AKAMAI-ASN1)
1 2600:9000:236... 16509 (AMAZON-02)
3 222.230.178.129 2519 (VECTANT A...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 185.84.60.23 198622 (ADFORM)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 62.141.38.122 24961 (MYLOC-AS ...)
4 11 222.230.178.132 2519 (VECTANT A...)
2 2a02:26f0:c6:... 20940 (AKAMAI-ASN1)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 1 154.59.122.79 174 (COGENT-174)
7 9 37.157.5.133 198622 (ADFORM)
4 4 52.87.21.252 14618 (AMAZON-AES)
2 3 185.86.138.155 201081 (SMARTADSE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
15 2a02:26f0:c6:... 20940 (AKAMAI-ASN1)
20 184.30.25.51 16625 (AKAMAI-AS)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
5 14 23.192.153.28 16625 (AKAMAI-AS)
4 4 178.250.1.9 44788 (ASN-CRITE...)
1 54.78.254.47 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
4 7 35.244.174.68 15169 (GOOGLE)
1 52.30.88.129 16509 (AMAZON-02)
1 54.155.252.188 16509 (AMAZON-02)
2 63.34.156.169 16509 (AMAZON-02)
1 2 23.212.218.19 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 147.135.143.112 16276 (OVH)
3 17 34.98.64.218 396982 (GOOGLE-CL...)
1 1 222.230.178.33 2519 (VECTANT A...)
1 1 172.105.221.240 63949 (AKAMAI-LI...)
1 13.32.27.45 16509 (AMAZON-02)
2 3 76.223.111.18 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 52.19.72.182 16509 (AMAZON-02)
3 23.213.164.238 16625 (AKAMAI-AS)
8 2600:9000:205... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 52.205.208.143 14618 (AMAZON-AES)
3 216.52.2.39 30282 (AS-INAPCD...)
12 13 46.228.174.117 56396 (AMOBEE)
4 4 2001:678:cb4:... 56396 (AMOBEE)
3 6 185.86.138.151 201081 (SMARTADSE...)
7 7 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.67 27630 (AS-XFERNET)
1 1 34.237.4.206 14618 (AMAZON-AES)
2 3.66.132.222 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 11 104.18.36.155 13335 (CLOUDFLAR...)
1 141.95.32.71 16276 (OVH)
3 198.47.127.19 62713 (AS-PUBMATIC)
4 4 54.158.68.158 14618 (AMAZON-AES)
4 4 13.32.27.99 16509 (AMAZON-02)
2 2 52.29.172.170 16509 (AMAZON-02)
3 3 98.98.134.242 21859 (ZEN-ECN)
4 5 34.249.50.243 16509 (AMAZON-02)
4 4 54.36.150.180 16276 (OVH)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
3 4 151.101.2.49 54113 (FASTLY)
13 34.247.205.196 16509 (AMAZON-02)
1 38.91.45.7 398989 (DEEPINTENT)
3 3 70.42.32.127 22075 (AS-OUTBRAIN)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.153.170 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
4 4 198.47.127.18 3257 (GTT-BACKB...)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
2 15 198.47.127.205 62713 (AS-PUBMATIC)
2 2 96.46.183.20 7979 (SERVERS-COM)
1 1 8.2.110.114 46636 (NATCOWEB)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.214.239.194 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 173.231.180.197 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.140 16276 (OVH)
2 2 141.94.171.216 16276 (OVH)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.246.239.231 16509 (AMAZON-02)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
2 198.47.127.20 62713 (AS-PUBMATIC)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2 193.108.153.21 20940 (AKAMAI-ASN1)
1 34.254.46.142 16509 (AMAZON-02)
1 1 37.157.6.233 198622 (ADFORM)
2 2 2a02:2638:3::6 44788 (ASN-CRITE...)
1 35.205.65.172 396982 (GOOGLE-CL...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 51.68.39.188 16276 (OVH)
2 23.88.86.2 ()
2 2606:4700:10:... ()
1 1 146.59.148.16 ()
627 129
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
17    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
39    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
13    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com
tpc.googlesyndication.com
2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com
24    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.vidverto.io
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
19    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
7    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
5    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
9    35.158.220.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-220-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.vidver.to
6    2600:1f18:24e6:b902:9c09:4253:19bd:8f92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
10    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
27    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
17    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
4    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
17    52.18.191.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.77.250.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-250-56.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
5    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
13    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
7    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
2    54.75.96.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
9    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
1    18.196.140.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-140-247.eu-central-1.compute.amazonaws.com
tlx.3lift.com
23    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    175.110.113.203 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-203.hosted-by-worldstream.net
cdn.vidverto.io
9    2a05:d018:d29:3601:865d:cd9c:e13b:6712 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2600:9000:223c:d000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
28    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    52.30.179.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-179-44.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    216.52.2.91 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    52.23.134.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-134-172.compute-1.amazonaws.com
sync.ipredictive.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    23.48.23.4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-4.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:236e:7200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    222.230.178.129 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
js.genieessp.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    2607:f8b0:400d:c09::78 (Morganton, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    91.210.226.74 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    62.141.38.122 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm44.as.net
cm.adsafety.net
11    222.230.178.132 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
ialaddin.genieesspv.jp
cs.gssprt.jp
2    2a02:26f0:c6::210:6570 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    154.59.122.79 (Secaucus, United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
9    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    52.87.21.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-21-252.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
15    2a02:26f0:c6:1b0::26e5 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
20    184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com
t2.teads.tv
t.teads.tv
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
14    23.192.153.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com
sync.teads.tv
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
7    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    52.30.88.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-88-129.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    54.155.252.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    63.34.156.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-156-169.eu-west-1.compute.amazonaws.com
sync.springserve.com
2    23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:bae0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    147.135.143.112 (Villeurbanne, France)

ASN16276 (OVH, FR)
min.tryiqos.ch
17    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
genieeintl-d.openx.net
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    222.230.178.33 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
g.c.appier.net
1    13.32.27.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-45.fra56.r.cloudfront.net
public.servenobid.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    52.19.72.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-72-182.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
3    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    2600:9000:2057:e200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    52.205.208.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-208-143.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    216.52.2.39 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
13    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
7    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    34.237.4.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-4-206.compute-1.amazonaws.com
ssp.disqus.com
2    3.66.132.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-132-222.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
11    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
wt.rqtrk.eu
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    54.158.68.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-68-158.compute-1.amazonaws.com
i.liadm.com
4    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
live.rezync.com
2    52.29.172.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-172-170.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
5    34.249.50.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-50-243.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    54.36.150.180 (France)

ASN16276 (OVH, FR)
PTR: ip180.ip-54-36-150.eu
cookie-matching.mediarithmics.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
15    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.214.239.194 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 194.239.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.140 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.254.46.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-46-142.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    51.68.39.188 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
2    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
1    146.59.148.16 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
68 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
am-wf.taboola.com — Cisco Umbrella Rank: 17326
983 KB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
487 KB
56 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
s8t.teads.tv — Cisco Umbrella Rank: 5510
t2.teads.tv — Cisco Umbrella Rank: 25995
t.teads.tv — Cisco Umbrella Rank: 2845
sync.teads.tv — Cisco Umbrella Rank: 1403
2 MB
42 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
99 KB
40 googlesyndication.com
9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com
419 KB
36 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
44 KB
30 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
511 KB
22 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
genieeintl-d.openx.net — Cisco Umbrella Rank: 305998
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
21 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
r.casalemedia.com — Cisco Umbrella Rank: 1699
13 KB
18 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
10 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
15 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
15 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
7 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
287 KB
14 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
as.ad4m.at — Cisco Umbrella Rank: 33424
assets.ad4m.at — Cisco Umbrella Rank: 45800
263 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
27 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
dis.criteo.com — Cisco Umbrella Rank: 597
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
25 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
134 KB
11 adform.net
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
6 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
5 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
7 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
grid.bidswitch.net — Cisco Umbrella Rank: 1165
3 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
4 KB
8 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
7 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
6 KB
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1007 B
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
977 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
4 KB
6 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 17944
2 KB
6 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
5 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
586 B
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1006 B
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4023
1 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
236 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
972 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
12 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
11 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
322 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 zeotap.com
mwzeom.zeotap.com
672 B
2 truffle.bid
matching.truffle.bid
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
560 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
680 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
411 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
910 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
179 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
579 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
280 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
282 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
496 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
834 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718
244 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
423 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1674
351 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
524 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 appier.net
g.c.appier.net — Cisco Umbrella Rank: 80997
391 B
1 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 59650
267 B
1 tryiqos.ch
min.tryiqos.ch
860 B
1 conrad.ch
www.conrad.ch
492 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
500 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
485 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
823 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
549 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
501 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
648 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
635 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
259 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 richaudience.com Failed
sync.richaudience.com Failed
627 130
Domain Requested by
28 cm.g.doubleclick.net 17 redirects www.bg3.co
googleads.g.doubleclick.net
sync.teads.tv
adpushup-d.openx.net
g2.gumgum.com
public.servenobid.com
27 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
19 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
17 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
17 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
sync.teads.tv
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
17 images.taboola.com www.bg3.co
17 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
15 simage2.pubmatic.com 2 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
15 s8t.teads.tv a.teads.tv
www.bg3.co
14 sync.teads.tv 5 redirects a.teads.tv
sync.teads.tv
14 t2.teads.tv www.bg3.co
13 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
13 pixel.rubiconproject.com 9 redirects www.bg3.co
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
www.bg3.co
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
pagead2.googlesyndication.com
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
10 sync.1rx.io 10 redirects
10 us-u.openx.net 1 redirects adpushup-d.openx.net
eu-u.openx.net
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 e3.adpushup.com www.bg3.co
9 image2.pubmatic.com ads.pubmatic.com
9 static.criteo.net ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
9 pr-bh.ybp.yahoo.com 5 redirects imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
eu-u.openx.net
9 x.bidswitch.net 8 redirects am-match.taboola.com
8 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
8 c1.adform.net 6 redirects ads.pubmatic.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
www.bg3.co
acdn.adnxs.com
7 p.rfihub.com 7 redirects
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 idsync.rlcdn.com 4 redirects sync.teads.tv
ssum-sec.casalemedia.com
7 match.prod.bidr.io 7 redirects
7 a.teads.tv cdn.adpushup.com
a.teads.tv
7 onetag-sys.com ad.vidverto.io
cdn.adpushup.com
www.bg3.co
public.servenobid.com
csync.smilewanted.com
6 rtb-csync.smartadserver.com 3 redirects public.servenobid.com
ssbsync.smartadserver.com
6 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
6 cs.gssprt.jp 4 redirects www.bg3.co
6 assets.ad4m.at as.ad4m.at
6 t.teads.tv www.bg3.co
6 ad4m.at www.bg3.co
ad4m.at
ssum-sec.casalemedia.com
6 csi.gstatic.com imasdk.googleapis.com
6 ups.analytics.yahoo.com 5 redirects imprammp.taboola.com
6 cdn.vidverto.io www.bg3.co
6 http-intake.logs.datadoghq.com cdn.adpushup.com
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 secure.adnxs.com 5 redirects
5 ialaddin.genieesspv.jp www.bg3.co
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
5 rtb.openx.net 1 redirects cdn.adpushup.com
eu-u.openx.net
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image8.pubmatic.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 cookie-matching.mediarithmics.com 4 redirects
4 live.rezync.com 4 redirects
4 i.liadm.com 4 redirects
4 ad.turn.com 4 redirects
4 dis.criteo.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 ce.lijit.com 2 redirects www.bg3.co
public.servenobid.com
4 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 creativecdn.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 sync.targeting.unrulymedia.com 2 redirects csync.smilewanted.com
3 ap.lijit.com public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 genieeintl-d.openx.net 1 redirects www.bg3.co
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
3 js.genieessp.com www.bg3.co
3 pixel.tapad.com 2 redirects www.bg3.co
3 htlb.casalemedia.com cdn.adpushup.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 openx2-match.dotomi.com 2 redirects
2 ssp-sync.criteo.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ads.playground.xyz 2 redirects
2 bh.contextweb.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
2 eu-u.openx.net adpushup-d.openx.net
genieeintl-d.openx.net
2 cms.quantserve.com 2 redirects
2 www.awin1.com 1 redirects as.ad4m.at
2 sync.springserve.com sync.teads.tv
2 as.ad4m.at ad4m.at
as.ad4m.at
2 csm.eu.criteo.net ads.eu.criteo.com
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 sync.ipredictive.com 2 redirects
2 fonts.gstatic.com ad.vidverto.io
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 pixel.onaudience.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 am-wf.taboola.com vidstat.taboola.com
1 dsp.nrich.ai 1 redirects
1 tr.blismedia.com eu-u.openx.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 cookiesync.api.bliink.io csync.smilewanted.com
1 cm.adform.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 us.ck-ie.com 1 redirects
1 u.openx.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 s.company-target.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 js-sec.indexww.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 g.c.appier.net 1 redirects
1 rt.gsspat.jp 1 redirects
1 min.tryiqos.ch as.ad4m.at
1 www.conrad.ch as.ad4m.at
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 audiencedata.im-apps.net dmp.im-apps.net
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 ums.acuityplatform.com 1 redirects
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 beacon-ams3.rubiconproject.com www.bg3.co
1 adx3.adform.net imasdk.googleapis.com
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 partner.googleadservices.com pagead2.googlesyndication.com
1 2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 live.primis.tech www.bg3.co
1 hb.yahoo.net www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 s0.2mdn.net imasdk.googleapis.com
1 imprammp.taboola.com vidstat.taboola.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 inv-nets.admixer.net ad.vidverto.io
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 trc-events.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 uipglob.semasio.net Failed ads.pubmatic.com
public.servenobid.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 static.bg3.co Failed www.bg3.co
627 215
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-11-26		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
min.tryiqos.ch
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 113 frames:

Primary Page: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Frame ID: 3768351D8F069BED85632EE23F31F37C
Requests: 203 HTTP requests in this frame

Frame: https://9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1C640BCF6990CB342D855127F1C45168
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6O_syYQ-aizOtICzEKx6nGgPCPq5eyA_0fq_XCqA-WbgihXr-GBROCmSYs8MZRM2l1fmA633an3Sv0TAxb2hw6nGdYRuT-u0Li1_a-eSXL2Xp5Y-epXPkn8OivjuImsW2iKFyoWmfi7hxZLgpEPV-misXWXTiN9NRD_BufZwyocf_JI8qPZPqm5Xk4LiIODh2pC0V5wuSU7S5OGwHBTICAmG8LZ-JV-Kq1D0teUF15l2ccdkzWX5l7MrssmiwDZwHhyplQoS5kMa2VF4HzKLeHNJEY3oE3_UP_bGEwrfmUhGnRWctPcreFelGtFZkaMn-Kw&sai=AMfl-YQxX5VPIexUPxCQCfJ3nnUzqiDoHfVoB3mYd3i2oxJEtGJIZbUUIiNKId4VIkRwgkkQ4HapI-8e01OSzDNbkFT51ek51Ij-5hOzaWS9Q78hsyrA5dmsj8gT1Yl26eLFlXsCXrl02K3DEnxC2SQ&sig=Cg0ArKJSzGouTx2C6DgIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 00ABEB9A2F7B94442B676A65B68261F4
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: CB69AD73A324F0953A90BE0678157FD6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 883A7520EC8355A504F362E34F00B345
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B2F7C9B5DD246E0C332D3561CB76BEBD
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: D82F71509C143C8C6A417D4F18342AD6
Requests: 20 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=undefined&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2cd02ca0-d4ab-4d76-83f8-1ad5ecd20745&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DF66557C5415A2967E52E36C507D3B07
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0E3EE62F5C5733FE7E0F93E623CC450F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 475DFE014254808B9C8AC6138B570DE0
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F0C8A8B0D1C80EF24AC9935843B303FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 90DF97DEE273D7CDCDC56B261BDD3B9B
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 4AD1009C1DA9DDCB113962871C5BF277
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: B10BDB3CA7C0A89AD2426EC7681A1FCE
Requests: 3 HTTP requests in this frame

Frame: https://js.genieessp.com/t/551/001/a1551001.js
Frame ID: 1FB71C3B806DC5153C421B69BE3B4B36
Requests: 16 HTTP requests in this frame

Frame: https://2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6243BDCDDD279A4ABBFF5AAE5FC27B60
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F293190CDD803515302C9D4D6A73F384
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Frame ID: 1B7F75F0A60C22020DF9D7FEB7EEE77B
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 8DE36ED0570BC356FEB57FB3C9F4D1A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F77C1B2B0644D01A84DA4192A317F774
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EA275CE1E4E117A31066F86D0ADE029
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8AABC70F55CE64C3E8D0449355BBF8B4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulUN8lCSr-HAigS_A6aEzNUmQ4t_FSbVsck4DIj0GdiddfBW9YjS8Sx0eQcm0EWtqeCXI__LNjPaaPIGg7HYtesNUoBPev358ygNA623QQv_eID5jL1Wm-nZE9idRRK1UhzoNlRfdL2p-6xG7tyFbHJsN1N7Mp9EIOsqpuKpySLAoMiPisqw9xC9cgFLtnZmtlD3fCBUY1nN5vWZbKg2NO1Z1kMaHSu28GuKRe-QO4Vsa9aPy0jaZ8XKwuWvCpPCKO9RVzN-avN9CDMXeV1-laMGUtpX4yg2vmpewGHpsZNh8t2O5kdFYfnDM8CyrlvFvglDiRYpxJIIKUkbAuijXultj73WkX&sai=AMfl-YSCMtwDkIHNwjqXHbC5qzt1RZ4xcBPV1EtxGgDX56b6ze4MWoWyB-RxCUe0GAAf9LWhELnsRSLxfdICdMkAJy2WB5_D3ovdJhhEW2AmwnloaZ6_cOiflWPPfvHJ6g&sig=Cg0ArKJSzGidLuetDy1sEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1AB40200250BC63AC718AD085A7C58F6
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNVMFln1Xs2yi6CcuTaiCm4G9SkqyvlPT3-GHoYMNYZCxsgx_A9PYhXn-ZtSoAkQidQ7ir_Y1SnlmIPn-scHuy1aPjmSIw
Frame ID: 3B2D78BB430032949C17779B3E0C8BEE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: E696E7EF8CAF7FE26B0BC3FC69C1CFA9
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2473B9455E8A18BFB974DDEAD6B593C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVw9Cuq_4sOHFb0aeMmwTcT7gjtRoKUcAsJSCfb94wEFQWoou0GfsW1ANO2CVpoodkxdxzo4a9PLrKy61rrI5vm2_PENwBwrjamx_cEp119yfyBEAYqI9ioCBeGOGGqOxmqcqBKx7XFucPI1B45Vu7qAFERbqlwTCAxDdcaqVuEfWpQPzXH9M6Z3is_istDyd84Dh72pOXqh5kgTm9rvVUvwMTMfireV-E48J_ZReO3cwJoB0jNa10cHW88CIiMtbhcKBNE_KY9CFGvYYJqjlws20c-IyV940m2Yz1eXxs1i2n7U08Xf-ytY8Vg0nZIVSZn9a9lg97sODwdUu4lU8MbW4GFlZQ&sai=AMfl-YR6jHE0IAdzpKUkxqtvR_QS26LFT6O7-x2gbIT6JwVhW1uuZnG50zHTKhG34tQCja0DGkEUekOgJTeC-ni47rJYUSwvvoBpzCEd8Ow56Z7d9Z4rkgxGqWlFeQGe8w&sig=Cg0ArKJSzDexl3QecHeuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D8B2A653F90F66609D30B3EEC833733F
Requests: 23 HTTP requests in this frame

Frame: https://a.teads.tv/hb/ad/74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c
Frame ID: A5BB4A578A5E2E36D6D90886EDEF2309
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 11F480BEEE7DE56E1374982C8148BEE9
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49AFC75E8381C86A44C1FD1F28A503AA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A2404A22019C049142C4F3D56229097C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 99D88BD9D156262CB3178290F921889A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 55D65FBA0E2BF76B1B4634F3CE2F8016
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Frame ID: C9FE19BC500AF6C63094359A49DD35A8
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: FD336782F846BC3438B6074284494AAE
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Frame ID: DC696F023CAC20216313C60EFF14C801
Requests: 11 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Frame ID: 9CD8AD5829C9D39848DDA81654B848E1
Requests: 7 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
Frame ID: 060C36303DF3F397F21A36EEA314985B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD5D0C715F28D59BA38569E8E041476C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FB272EE2473F0AAA919EACB09867E7A
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EBFE31340295981885962C371150CFDE
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0C67137D70C140434FEBEE86C210728B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 27C60B51B0A20C572FB1DC3C90720F7B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AB5B6490C0E6D7D4B5BB5244B79E50F8
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2863E2D13B19C86D27D71F792D7FBA19
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698668562364
Frame ID: 3020994BCEF7385507D552D788720CD5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 38097810C21D4939E3A2376A9DD170B4
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: D49273D36C2DC143B2FC4065E54EEDBE
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 85B76214DC7C01EBC690EA41ABC0D4FD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E875A3C3717E2FFCFF7846CF52DE6B88
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 802E3B9F875429B0B1D9500F6AAF6BD5
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F4001550AD4CFE027FF3971616B7C02B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 492C78D5C09B4639C8063B753F41C8BE
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: E01EB7199042F9C6310FBF26F7326959
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 29542BD2E59EF0FE8B3BE99497105338
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 301A4D1B9FFE907674E76AF2F6438C6A
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 5C1BC0BBCD28DD1EA7CBA090518CA49D
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 68E5BB986D34DACCF2E6E034137B379F
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 8B35C0CC1603D25C174ACB536EB254F9
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 21135788C330F1EAF3CF9F175AD49BBD
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: F03767FC24F5567F967A6F6DD52F574C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: AE95A05E01D34F7AEF6F4DC76B99D347
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 46D7C1A93A6F043F7C4D362830A6A401
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=8844768291058234105&gdpr=0&gdpr_consent=
Frame ID: FF7668362B427DD53944E4525361AC1D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xODc2YjE1Ny1jNzg1LTRmYjgtOTBhYy01Y2IwMjQzYjQxNzQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 3FE2BA9C0900D5BE4158974AEF9C930B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BD7FF24296B0E685FC685E5FBF83C48C
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 23FBCEB48A7868FF1D4A2949786720C3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZT.gF8Co8XoAAPB5d64AAAAA
Frame ID: 70E10BAC2E97D0AA760DD5A73993013B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=d5tyvEdt8IxQm2CcW9BK&pi=gumgum&tc=1
Frame ID: 5515C9C50EB258CE3452AC359FE36462
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 4838F07D4FD254D40D236C96583DBE80
Requests: 4 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: F4E305ABFF0EE58D9CCFCDC1FF8870F7
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Frame ID: 6517C4E17550F2084DA60E9096CAE29B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/0addc5d3-e6d0-532f-a76e-e98bc251499d
Frame ID: 9EB2C1CA3F9B83FB3CF53C94032DAC61
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Frame ID: FEE5290351D444AF5A9220583E300273
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BC2DDC564B2F4AF27FD1087C79B11ACD
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=881375C0-EB9F-4737-95AF-40E122751C01&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8A67FE963B2A7BE462029978349C4398
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
Frame ID: 9ACD3FA2775A9234F1EEFF89F02CF47A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6340396427739311858&gdpr=0&gdpr_consent=
Frame ID: F1A504DCE797CB4DE7F15703FA664F68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295725937739167901&gdpr=0&gdpr_consent=
Frame ID: 29C6A57E9E4F6730D31B3E2DBF184DC5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 7123B6DA3BF644466C23F83E1BCF9F29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Frame ID: 9FF1FA1AD8B67771071888252E94CA66
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 5E9EFEDF74A587160B94BC83463143C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6B48A87A328C05FBDD9C580E13FC4FA6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKl07Kf0AAABlNN5Ezng&gdpr=0&gdpr_consent=
Frame ID: 03E3E054C5A52867782650522CAE1EAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc673ae2883e34b00a7c7c9a7f7b17324
Frame ID: BE7E6EDDA3DC3B7EF7E890B1B4578938
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 5D03C4072F86758EF977E5F0DB662F09
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B3AD28F3F25FD75C1BA371B24DC70900
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F6D6FA6262B44946EBE5F72A77DD8F8F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=142608696338964148
Frame ID: 115F6C5477A786A373CB623C5353ECA0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927991940653
Frame ID: 1906151AD26038B57CD0648CD3D624BB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6A8B0EDAE16B2F7F2C2BD66342891188
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: AC7EA6859355645A3FECB8D23E74BF12
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbUQaQbVMVajjjTUS&gdpr=0&gdpr_consent=
Frame ID: E4087960904A77EB3922A68E7E8785E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=881375C0-EB9F-4737-95AF-40E122751C01
Frame ID: BB39183D96EA86538DA22B9F53717BF0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/8844768291058234105
Frame ID: C885D7CD768B813D7152995975DD9834
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
Frame ID: F43290B7701EED802553F5500DA3C526
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: B58E3844C2C57955499A97B4D1934838
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b9c74158123d370e16c8b34244c2092?gdpr_consent=&gdpr=0
Frame ID: 26F9B56B115A242DB3F75B131D28E851
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Frame ID: 1EA19DF0E8E1BAD905C006F14759F90B
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
Frame ID: 8F0A8F0E372CAD684F1CF31A7F5B968F
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A67C7ED8D4340D733F911A0D0EB4C104
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: D9983E3E42E5D559BF6F747370DE674C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1671B0C306C880F787855C6900D5972E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Frame ID: A509A17A168FAB6DE018C33276BE10C4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5040206501
Frame ID: 64782F5ADCC606A8B976FCC272482452
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=881375C0-EB9F-4737-95AF-40E122751C01
Frame ID: 6B44861361CA9DFA3F33900CC3189551
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
Frame ID: 192758A1C6DCEB7E39C6B8DF0AAAD3BB
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 22A13EC8D3612F8FDD850A06D0B50000
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: CC5E729BC75EE3FC3737BB38138AF9A8
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D58D97853EBCB0E119E90452068DDE98
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Frame ID: 4995B9315BA223552EEB313BD08DD58D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2688155207
Frame ID: A847E19F8C82D55840003C88ABCD7ED8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=881375C0-EB9F-4737-95AF-40E122751C01
Frame ID: DAC44755B83B6543300E08963DFD6127
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

預測柯文哲、郭臺銘參選下場 陳水扁:蔡英文應很清楚 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

627
Requests

76 %
HTTPS

25 %
IPv6

130
Domains

215
Subdomains

129
IPs

15
Countries

6965 kB
Transfer

20865 kB
Size

215
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 79
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=0d9be2e0-384f-4b31-983f-7e634fd2774b&p_id=23
Request Chain 80
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=eda524d3-db0f-4396-b0c0-e4ca193877f2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=eda524d3-db0f-4396-b0c0-e4ca193877f2&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=64a68355-cbc8-40ac-9c73-8746110319b1&p_id=15
Request Chain 107
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 108
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 187
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOCVEJ6V-13-BF9A HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOCVEJ6V-13-BF9A
Request Chain 193
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Q-ML2QDZaMz47Rmxeoj55sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gghbCxtE2oJJ7PnuXWMufqoHvDRUZS.ZN5SRyw--~A
Request Chain 194
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8nUvxUBuRi611QKTKzbBMA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8nUvxUBuRi611QKTKzbBMA
Request Chain 195
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9DVkVKNlYtMTMtQkY5QQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEABZqQyJ44FcD5-XhtQPHig&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9DVkVKNlYtMTMtQkY5QQ==&google_push=
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMxGb8UvOFK1HBMd0f5R4fI&google_cver=1
Request Chain 198
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOCVEJ6V-13-BF9A
Request Chain 199
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5BCr10QuQHytNGwEH8r-hA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5BCr10QuQHytNGwEH8r-hA
Request Chain 200
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA5OGRiNThhZTk0YmZlZmRmNjA4YjI4ZDY1Zjk2ZjgzODliNmE5Mg
Request Chain 201
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABKl07Kf0AAABlNN5Ezng&expires=30
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOCVEJ6V-13-BF9A
Request Chain 203
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOCVEJ6V-13-BF9A
Request Chain 204
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f2bf897b-88a0-4ada-aea5-88c7203f3f13&expires=30
Request Chain 205
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A
Request Chain 206
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOCVEJ6V-13-BF9A
Request Chain 207
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOCVEJ6V-13-BF9A&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOCVEJ6V-13-BF9A&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUS5raUI1RTJ1RWIxQkxSUmpwaFMyOVYxc05tSHpMZX5B&ovsid=LOCVEJ6V-13-BF9A&dpid=58160
Request Chain 208
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOCVEJ6V-13-BF9A
Request Chain 232
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PLGW9HFE2oStNBJplUn77kZsIz4ELK1YSGsK.A--~A
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENtFi8Hddh0xFRRuY1ktFSE&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENtFi8Hddh0xFRRuY1ktFSE&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=efffa26a7bed60e21a8b25cb7d735d95&uid=efffa26a7bed60e21a8b25cb7d735d95&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 310
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMfGhV8RFRqOLcAINYynn28&google_cver=1&google_push=AXcoOmRpARVjAeVlH-9Zza-RuwZNGCV2TlIq5L-_bp0E-3Wdc43Hc1b-WxaBmvysPgaDxkQv0fM5b_oHzETSpb_7uE8MN89l271BDjzHTRJN14biB2GG6nfm4y2z3282qlSvQ05Ual1e7tWc0X4d6B1tUcXE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=846803918736&us_privacy=1---
Request Chain 311
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN5Z16MK-NFSP6aI69AN6kA&google_cver=1&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOLZarO_0YErsKQ7OhB_pw6VEcs3IKpjXJn7ON8SwmOQeohh3qT9GOUxNQZWko7mqg6sygqcNjDo6k HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN5Z16MK-NFSP6aI69AN6kA&google_cver=1&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOLZarO_0YErsKQ7OhB_pw6VEcs3IKpjXJn7ON8SwmOQeohh3qT9GOUxNQZWko7mqg6sygqcNjDo6k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg0NDc2ODI5MTA1ODIzNDEwNQ&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOLZarO_0YErsKQ7OhB_pw6VEcs3IKpjXJn7ON8SwmOQeohh3qT9GOUxNQZWko7mqg6sygqcNjDo6k
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELW2aDqazVIhCqwAKswoMH0&google_cver=1&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC563rqfms5kzbwzzs23nZpiPxL0hidjM3LDSglfs4DUiSNCDHlDK4jJ_wu-eBjK2ENo5NRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_nnShwtVAh8MbEa5ZaC-C0M3qw&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC563rqfms5kzbwzzs23nZpiPxL0hidjM3LDSglfs4DUiSNCDHlDK4jJ_wu-eBjK2ENo5NRE
Request Chain 313
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGtIcaO-OK6_FLcDzNr0l7U&google_cver=1&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXkE1TdzNDuIiamPveTi_1TaLKjWgmvYryfsdG87T_fiTqFFBt6-nUzfn3vThqMdWG_bXBlxCS2-_Yps HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXkE1TdzNDuIiamPveTi_1TaLKjWgmvYryfsdG87T_fiTqFFBt6-nUzfn3vThqMdWG_bXBlxCS2-_Yps&google_hm=MTgyMzYzMjI1Mjc2OTgzMDI2
Request Chain 362
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1698668564340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
Request Chain 364
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1698668564340 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0
Request Chain 365
  • https://pr-bh.ybp.yahoo.com/sync/teads/79c99a8b-d5ff-4125-8027-48c385b4e551?gdpr=0&_t=1698668564340 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
Request Chain 368
  • https://idsync.rlcdn.com/474599.gif?partner_uid=79c99a8b-d5ff-4125-8027-48c385b4e551_ch&_t=1698668564340 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzc5Yzk5YThiLWQ1ZmYtNDEyNS04MDI3LTQ4YzM4NWI0ZTU1MV9jaBAAGg0IlMD-qQYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHLRKyPxjNG3zmEeIposehQ&google_cver=1
Request Chain 371
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1698668564340 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
Request Chain 372
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1698668564340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 392
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 402
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1698668564467 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=3e1187d0-25a7-4975-9280-a02e478c2cc4&gdpr=0
Request Chain 403
  • https://pr-bh.ybp.yahoo.com/sync/teads/79c99a8b-d5ff-4125-8027-48c385b4e551?gdpr=0&_t=1698668564467 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
Request Chain 404
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D19%26uid%3D%24UID&gdpr=0&_t=1698668564467 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.teads.tv%252Fum%253Ffp%253D1%2526eid%253D19%2526uid%253D%2524UID%26gdpr%3D0%26_t%3D1698668564467 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=19&uid=6340396427739311858&gdpr=0&_t=1698668564467
Request Chain 405
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1698668564467 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
Request Chain 406
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1698668564467 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 423
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=3a465b875db240fde634d60a981a3cb7
Request Chain 424
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA2pzoBKO2b-VVZtDAbOqcxl_Mr88wC2VYdGCnjsis0KGrw2uTgZVEDwN2ELZXOJxlA&format=gif
Request Chain 425
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzhxkbxY2M7RB7RF0MaGzVMGP17_w0bXZjKRZ2_pA7utAY-8ngiwOj7PvxnPwI6wDg&format=gif
Request Chain 426
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=VRiS5qLTDW-vQv0WFqA_ZQ
Request Chain 428
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1 HTTP 302
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Request Chain 453
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UdCaeQbVmC1KgZ59UNOEfALXnipK05l5Ate2G0oy
Request Chain 454
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8844768291058234105
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDAAwO4WsRXoyB-cpdZV5XI&google_cver=1
Request Chain 462
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 463
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 468
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6340396427739311858
Request Chain 469
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HkompRZHRwPaAVS6SuCSmYNt
Request Chain 471
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698668566269 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2538796507 HTTP 302
  • https://sync.1rx.io/usersync/turn/3206641468380062169?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Request Chain 472
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927991940638
Request Chain 473
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=9da0abaa-c749-4dd1-9974-bed4d8f4e335
Request Chain 474
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 475
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
Request Chain 476
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgwOOAE=
Request Chain 477
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
Request Chain 479
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 482
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 486
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=182363225276983026&gdpr=0&gdpr_consent=
Request Chain 487
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=182363225276983026&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 488
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0&gdpr_consent=
Request Chain 489
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1698668566298 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6402038794 HTTP 302
  • https://sync.1rx.io/usersync/turn/3278699062417990105?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Request Chain 492
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZT.gFvAKAxf-Axit5l3mIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
Request Chain 495
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZT.gFvAKAxf-Axit5l3mIwAA%261160&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZT.gFvAKAxf-Axit5l3mIwAA%261160&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0feb286f190a467f9546c26b11f63ec9 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0feb286f-190a-467f-9546-c26b11f63ec9 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%3A1698668567.2511024&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%253A1698668567.2511024%26_%3D1698668567.2534742&cb=1698668567.2535121 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927991940653&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%253A1698668567.2511024%26_%3D1698668567.2534742 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%3A1698668567.2511024&_=1698668567.2534742 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6340396427739311858
Request Chain 496
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LSHGDzFd1QXri65
Request Chain 497
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433830696896512
Request Chain 499
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
Request Chain 501
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZT.gFjzELfTlDUYy4m3xAQAA%263353&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZT.gFjzELfTlDUYy4m3xAQAA%263353&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9bf7846088e64cdd824bc8f0a5a63d20 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9bf78460-88e6-4cdd-824b-c8f0a5a63d20 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc193f67-8a66-43f5-adb5-e358cf0f6f35%3A1698668567.2522514&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc193f67-8a66-43f5-adb5-e358cf0f6f35%253A1698668567.2522514%26_%3D1698668567.2555249&cb=1698668567.2555895 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927991940653&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc193f67-8a66-43f5-adb5-e358cf0f6f35%253A1698668567.2522514%26_%3D1698668567.2555249 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc193f67-8a66-43f5-adb5-e358cf0f6f35%3A1698668567.2522514&_=1698668567.2555249 HTTP 307
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEN022bpsh7DaMagVocSx1R4&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEN022bpsh7DaMagVocSx1R4&action=GET_ID&etid=&domid=1052 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6340396427739311858&opid=apx&ops=&utidl=tech:goo:CAESEN022bpsh7DaMagVocSx1R4&action=GET_ID&etid=&domid=1052 HTTP 303
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52634385712
Request Chain 502
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZT.gFjzELfTlDUYy4m3xAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
Request Chain 504
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZT-gFjzELfTlDUYy4m3xAQAADRkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJyCYCVTmFqh2k548eqR6d8&google_cver=1
Request Chain 505
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714479766&external_user_id=293037fc-6a89-48ea-8740-95cb32aa18e1
Request Chain 506
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 507
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927991940653
Request Chain 508
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZT_gFgAAAECjFgAm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZT_gFgAAAECjFgAm&_test=ZT_gFgAAAECjFgAm
Request Chain 511
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6340396427739311858
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1876b157-c785-4fb8-90ac-5cb0243b4174&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8844768291058234105&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 513
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c3d22b31-e481-02be-225c-c244afae1d1c
Request Chain 514
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Request Chain 515
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7kuGwyNE2pc9lP6quv78mb7xh4sKOfDdkSNg~A
Request Chain 516
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f2bf897b-88a0-4ada-aea5-88c7203f3f13
Request Chain 518
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1876b157-c785-4fb8-90ac-5cb0243b4174&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_1876b157-c785-4fb8-90ac-5cb0243b4174&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=wX2uT1VheezguExWq1fo&gdpr=0&us_privacy=1---
Request Chain 519
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=BRFaRERwbXGE&ev=1&pid=558355
Request Chain 520
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=182363225276983026
Request Chain 522
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=8844768291058234105&gdpr=0&gdpr_consent=
Request Chain 526
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZT.gF8Co8XoAAPB5d64AAAAA
Request Chain 527
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=d5tyvEdt8IxQm2CcW9BK&pi=gumgum&tc=1
Request Chain 528
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 531
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2939835780 HTTP 302
  • https://sync.1rx.io/usersync/turn/3278699062417990105?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Request Chain 532
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZT.gFvAKAxf-Axit5l3mIwAA%261160
Request Chain 534
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=678a602a62da295f56ae23c30c2c17c7
Request Chain 535
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=adb66d45-b306-05bc-3dbf-cb5e27fd96bf
Request Chain 536
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
Request Chain 537
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 538
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=262362810947758941118
Request Chain 542
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7492727175570006973 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/0addc5d3-e6d0-532f-a76e-e98bc251499d
Request Chain 543
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Request Chain 544
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 546
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
Request Chain 547
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6340396427739311858&gdpr=0&gdpr_consent=
Request Chain 548
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295725937739167901&gdpr=0&gdpr_consent=
Request Chain 549
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 550
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Request Chain 552
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 553
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS2wwN0tmMEFBQUJsTk41RXpuZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABKl07Kf0AAABlNN5Ezng&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=182363225276983026&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABKl07Kf0AAABlNN5Ezng&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D182363225276983026%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=182363225276983026&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKl07Kf0AAABlNN5Ezng&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKl07Kf0AAABlNN5Ezng&gdpr=0&gdpr_consent=
Request Chain 554
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc673ae2883e34b00a7c7c9a7f7b17324
Request Chain 555
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 558
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=142608696338964148
Request Chain 559
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927991940653
Request Chain 562
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=16d0d15f50ccc768/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbUQaQbVMVajjjTUS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=359812d250110711887f147b4c0bb324&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbUQaQbVMVajjjTUS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbUQaQbVMVajjjTUS&gdpr=0&gdpr_consent=
Request Chain 564
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBN1wOufRzeVr0DhInUcAQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 565
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=&ct=y
Request Chain 566
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1433622249
Request Chain 567
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=881375C0-EB9F-4737-95AF-40E122751C01 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTI0akRabTdkcUFUZmlOSHE2ZUx5dGZBdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8844768291058234105&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 568
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODgxMzc1QzAtRUI5Ri00NzM3LTk1QUYtNDBFMTIyNzUxQzAx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 569
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDPGC43YhzjU3Q6ZI1zZg90&google_cver=1
Request Chain 571
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8844768291058234105
Request Chain 574
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=881375C0-EB9F-4737-95AF-40E122751C01&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-705oLxZE2uW5b1UjN81RYrxdJC.NP90-~A&gdpr=0
Request Chain 575
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
Request Chain 576
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278699062417990105&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 577
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6993edcb133f1635&is_secure=true&networkId=17100&version=1&nuid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzm1ltWNSRANPHU9OAAAAAAA&expiration=1698754966&nuid=881375C0-EB9F-4737-95AF-40E122751C01&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
Request Chain 578
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6a3bc4a3-bf39-4f75-89ca-c3bf3e4d55d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
Request Chain 581
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=2c922482e8db592fdaa3973f5a738b8&gdpr_consent=&gdpr=0
Request Chain 582
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
Request Chain 584
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8844768291058234105
Request Chain 585
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=yhBMd19DTXJ1SlZUb1VNbDV2bGVuQzB4a3k3diUyRkx6MUZyRG5lOVNpMUU0RVZIbTY2TUZLMmlZYlkwMXRrQzZENTZreE9YWndpSUxIdngxNzdLcGFRNXMxaGJxZGptWGxLV3g4WktPcjIlMkI5UG04ck05dEJGdGZxZXNxTldNeUFSY25iMjNlbWx5c1ZCYTdrSVBiS1JacDF4dmJvdFJicWZIZFBqU2Z1cXM4RHA3OGZXa3lXNUxxaDVyWnFWRExWb0pCNUlp&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-rby4lapvkCBh2FRHEQrjdPWFM87hWOvj1GRx9w HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=yhBMd19DTXJ1SlZUb1VNbDV2bGVuQzB4a3k3diUyRkx6MUZyRG5lOVNpMUU0RVZIbTY2TUZLMmlZYlkwMXRrQzZENTZreE9YWndpSUxIdngxNzdLcGFRNXMxaGJxZGptWGxLV3g4WktPcjIlMkI5UG04ck05dEJGdGZxZXNxTldNeUFSY25iMjNlbWx5c1ZCYTdrSVBiS1JacDF4dmJvdFJicWZIZFBqU2Z1cXM4RHA3OGZXa3lXNUxxaDVyWnFWRExWb0pCNUlp&u=64a68355-cbc8-40ac-9c73-8746110319b1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
Request Chain 588
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b9c74158123d370e16c8b34244c2092?gdpr_consent=&gdpr=0
Request Chain 589
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOCVEJ6V-13-BF9A HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOCVEJ6V-13-BF9A
Request Chain 590
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOCVEJ6V-13-BF9A HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOCVEJ6V-13-BF9A
Request Chain 597
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927991940653
Request Chain 598
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZT_gFgAAAECjFgAm
Request Chain 600
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AABKl07Kf0AAABlNN5Ezng&id=537125688
Request Chain 601
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=cb2f88b24d91682&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIB6BDCfMYAwNi9gtfAAAAAAA&expiration=1698754967&nuid={OX_USER_ID}&is_secure=true
Request Chain 602
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=c_nnShwtVAh8MbEa5ZaC-C0M3qw
Request Chain 603
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=67kFfWUSg8ajU54etOcm4A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 605
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a73b8582-338b-4d62-a442-5139364b70b9&expires=1&user_group=2&ssp=openx&bsw_param=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 606
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=d5tyvEdt8IxQm2CcW9BK&pi=openx&gdpr=0
Request Chain 622
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Request Chain 623
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5040206501
Request Chain 626
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 627
  • https://pixel.onaudience.com/?partner=214&mapped=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 629
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 630
  • https://pixel.onaudience.com/?partner=214&mapped=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=16d0d15f50ccc768 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79e98d8e-03a5-4903-7706-2de81d9b7340&reqId=1f39a69e-090e-4334-7ab9-baa724b2504e&zcluid=16d0d15f50ccc768&zdid=1332
Request Chain 635
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Request Chain 636
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2688155207

627 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
www.bg3.co/a/ 		62 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db9c4790d56bc89c9c9263b39ccfd281de19786f9161a95a97ae69beaf97336c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:40 GMT
etag
"f729-be6BfotWDTMIcW5G5U6Oz+hI62o"
expires
Mon, 30 Oct 2023 12:23:40 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 30 Oct 2023 12:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73031
x-xss-protection
0
server
sffe
etag
"aa4f775a8c339659"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 30 Oct 2023 12:22:40 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93870d49d621c8497ff79e8e43190812369c744395be1e8cf58416372b990a3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 30 Oct 2023 12:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
x-xss-protection
0
server
sffe
etag
"34199929c7bc09b9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 30 Oct 2023 12:22:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c572a4f453cc676d9bbfa1519551c72d56e707648fff6dd1af09ae0a656cfd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29535
x-xss-protection
0
server
cafe
etag
469 / 19660 / 31079073 / config-hash: 17201585203636211321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:40 GMT
js
www.googletagmanager.com/gtag/ 		267 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
323cf927fba07f4dfed65886c229bf627fa6f57593901045c7c97b0f5256505b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91035
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 12:22:40 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 09:54:32 GMT
server
cloudflare
age
33081
etag
W/"653a3758-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
81e3a0091c4e366f-FRA
expires
Mon, 30 Oct 2023 15:11:19 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
79435c78f5700a51da5339350b2c640153fcb817d0a7d328b5a53dd3f71252c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 13:22:41 GMT
date
Mon, 30 Oct 2023 12:22:01 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Mon, 30 Oct 2023 06:59:46 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		706 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef13422327dc5aeac8c2f6b8e0a59484985710802a3843a3708ebec0ca56679d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 13:22:41 GMT
date
Mon, 30 Oct 2023 12:22:01 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Fri, 27 Oct 2023 01:09:10 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		574 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f72d10960fe571d38746e87b0af42c7cd3f6be61e5806394c0cc462d51a17a0f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cE4MhJwHwsvzRWrD55LtQ6CGBQeexrGk
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:40 GMT
x-amz-request-id
F7WVT8QT9QA6H7H4
age
5150
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
55393
x-amz-id-2
3N8890DlQPePsZ0sUQDjO3eSXmRWu9WxeHOYTbqIYIaULOHOtUdURyosp2GXZd3WduJ4C+RtZ0w=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 10:54:44 GMT
server
AmazonS3
x-timer
S1698668561.822762,VS0,VE0
etag
"b2d373467a341f0250c9b8ab98ec74b9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6405
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk9tx99o%2B7%2FYLslIPIGdw%2Bk0Bx6PYX6TDk3pv6X9YsQIFbWPKI3eW641Pb4UjTaWTvPwLk4142S3mTYbAoba8R3a%2BObpjTajU882umiVDl%2FxZwXo%2BRmpOlpq6YkT8BjopXCkpWs2umW5tOPqeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e3a00c4a622baf-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
t.php
c.statcounter.com/ 		192 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=7B9E060C6B154F835F593D2450E5A3C4&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&t=%E9%A0%90%E6%B8%AC%E6%9F%AF%E6%96%87%E5%93%B2%E3%80%81%E9%83%AD%E8%87%BA%E9%8A%98%E5%8F%83%E9%81%B8%E4%B8%8B%E5%A0%B4%E3%80%80%E9%99%B3%E6%B0%B4%E6%89%81%EF%BC%9A%E8%94%A1%E8%8B%B1%E6%96%87%E6%87%89%E5%BE%88%E6%B8%85%E6%A5%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1921&sc_rum_e_e=1928&sc_rum_f_s=0&sc_rum_f_e=1917&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
81e3a0098cee366f-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
59c5f2e7760fd96ebcf9f7303e6534f3.jpg
static.bg3.co/imgs/202106/ 		0
0
fe4d9139bee1fe35e91a0c453e58f669.jpg
static.bg3.co/imgs/202106/ 		0
0
86ae6db3e7e248517f7efb7f2ba062ea.jpg
static.bg3.co/imgs/202105/ 		0
0
bddcbead2f642177e1222dbf75dd143f.jpg
static.bg3.co/imgs/202106/ 		0
0
55efd629e464616b26ba77bb199aec96.jpg
static.bg3.co/imgs/202106/ 		0
0
a00fe52d5c038664dba2c6e8cf64d6be.jpg
static.bg3.co/imgs/202105/ 		0
0
5b84400880c94f1059ecf8053ecde4cf.jpg
static.bg3.co/imgs/202106/ 		0
0
796238c29aeaa8b7f27eb6820806f31e.jpg
static.bg3.co/imgs/202106/ 		0
0
e9d8fd0a5bf2ce6b5ea7828cf3150aaa.jpg
static.bg3.co/imgs/202106/ 		0
0
7a36f6a4cfb913b88811d461010a38b3.jpg
static.bg3.co/imgs/202106/ 		0
0
d72d8124efa8645a65df859099f71f16.jpg
static.bg3.co/imgs/202106/ 		0
0
46a745b78c3bf15ee345d0e1bfca1b9e.jpg
static.bg3.co/imgs/202106/ 		0
0
4cb09b0c98732b3b1b9df0f423afdc6e.jpg
static.bg3.co/imgs/202106/ 		0
0
d8e01b31b9f060b636cdba3c18759038.jpg
static.bg3.co/imgs/202309/ 		0
0
92f9a100f19a65277e02a50632a6b5cf.jpg
static.bg3.co/imgs/202105/ 		0
0
e89e1025430507aa33c6611ecc16cd7b.jpg
static.bg3.co/imgs/202106/ 		0
0
59c5f2e7760fd96ebcf9f7303e6534f3.jpg
static.bg3.co/imgs/202106/ 		0
0
69efb5046fc96d4c136c6178b3b4e781.jpg
static.bg3.co/imgs/202106/ 		0
0
ea9eb89c0a40fc161d5ba35d17b579f4.jpg
static.bg3.co/imgs/202106/ 		0
0
f2b7dfe4155877ab0369cc0b6cbe7ca0.jpg
static.bg3.co/imgs/202105/ 		0
0
c7c5a8663b60163f846e700ef797a5a0.jpg
static.bg3.co/imgs/202310/ 		0
0
ca14f90cb0b0673e41ab6ef0b8a8ada0.jpg
static.bg3.co/imgs/202105/ 		0
0
e399d608295bcaf2cbe9f6d8748b0e8d.jpg
static.bg3.co/imgs/202106/ 		0
0
1eff246c4c72d66180f82e42ce9e0e51.jpg
static.bg3.co/imgs/202105/ 		0
0
05d0229829262bd95da5938e13f56b72.jpg
static.bg3.co/imgs/202106/ 		0
0
2a76131986229d82dcd2b81fdf6dac75.jpg
static.bg3.co/imgs/202106/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310111731000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310111731000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Oct 2023 08:11:50 GMT
age
274250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2971
x-xss-protection
0
server
sffe
etag
"d3318576b6061a39"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Oct 2024 08:11:50 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310111731000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310111731000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 24 Oct 2023 18:02:50 GMT
age
497990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3951
x-xss-protection
0
server
sffe
etag
"e11a2f49b1f47e4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Oct 2024 18:02:50 GMT
impl.20231030-8-RELEASE.js
cdn.taboola.com/libtrc/ 		814 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d117bd86550fabfcc8705026b909dc41edc00b867872d211973993e3b3eb4d0f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5tsRuxtBgfq5fdZiQMxQSXV1b5n8cLoC
content-encoding
br
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
Y0Y3ZAJ6ZTP4MJJ0
age
6383
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172432
x-amz-id-2
V89mNkvGoEA9AkU5t0oaEMaL4Jem3qwoxRfHCDcUyQnNljndsBVntu+K7g/jquLsb11YDHcQ6H4=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 10:34:11 GMT
server
AmazonS3-br
x-timer
S1698668561.000156,VS0,VE0
etag
"acf577fe01600d9a0da14430a56131d7"
vary
Accept-Encoding
content-type
application/javascript
abp
25
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
20099
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3ap0v9102959953&_p=816515634&gcd=11l1l1l1l1&cid=736758696.1698668561&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698668561&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=%E9%A0%90%E6%B8%AC%E6%9F%AF%E6%96%87%E5%93%B2%E3%80%81%E9%83%AD%E8%87%BA%E9%8A%98%E5%8F%83%E9%81%B8%E4%B8%8B%E5%A0%B4%E3%80%80%E9%99%B3%E6%B0%B4%E6%89%81%EF%BC%9A%E8%94%A1%E8%8B%B1%E6%96%87%E6%87%89%E5%BE%88%E6%B8%85%E6%A5%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 06:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
19986
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135211
x-xss-protection
0
server
cafe
etag
17495413759700775962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Oct 2024 06:49:35 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
260379
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=13%3A22%3A41.132&lti=deflated&data=%7B%22id%22%3A754%2C%22ii%22%3A%22%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698663279077%2C%22vi%22%3A1698668561129%2C%22cv%22%3A%2220231030-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html%22%2C%22vpi%22%3A%22%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3481%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3358.953125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12a60ba56e6d4c71f3c843f732ef143d5ba17140ab60c7b34063023ce2c6d227

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
398
date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9231250000000001
x-fastly-to-nlb-rtt
59178
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1698668561.166207,VS0,VE398
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/palmate-bg3co/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683120974810258&correlator=541301888484073&eid=31079073&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698668561192&lmt=1698664961&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=736758696.1698668561&ga_sid=1698668561&ga_hid=816515634&ga_fc=true&dlt=1698668560711&idt=454&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
554a076af9b252e2c92eb2ead65e7957b3618edb33a2828bb540c02506bb7218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12607
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C64 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:41 GMT
expires
Tue, 29 Oct 2024 12:22:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 00AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6O_syYQ-aizOtICzEKx6nGgPCPq5eyA_0fq_XCqA-WbgihXr-GBROCmSYs8MZRM2l1fmA633an3Sv0TAxb2hw6nGdYRuT-u0Li1_a-eSXL2Xp5Y-epXPkn8OivjuImsW2iKFyoWmfi7hxZLgpEPV-misXWXTiN9NRD_BufZwyocf_JI8qPZPqm5Xk4LiIODh2pC0V5wuSU7S5OGwHBTICAmG8LZ-JV-Kq1D0teUF15l2ccdkzWX5l7MrssmiwDZwHhyplQoS5kMa2VF4HzKLeHNJEY3oE3_UP_bGEwrfmUhGnRWctPcreFelGtFZkaMn-Kw&sai=AMfl-YQxX5VPIexUPxCQCfJ3nnUzqiDoHfVoB3mYd3i2oxJEtGJIZbUUIiNKId4VIkRwgkkQ4HapI-8e01OSzDNbkFT51ek51Ij-5hOzaWS9Q78hsyrA5dmsj8gT1Yl26eLFlXsCXrl02K3DEnxC2SQ&sig=Cg0ArKJSzGouTx2C6DgIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:41 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 00AB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:41 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3867930
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230035-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698668561.388408,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 36692
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5269
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG8cLQq8eUe3brTYKUAu%2BVtxeTCg170T57tRY%2B%2FeW%2BGJ3VMrQr00zBTKPdeKdzg6lLm8D2M3xNotAGdF5QbAh2ivr%2FV49T14q04Du96xOkUnMGDz%2FWwNr9RYxyTEDsJfR9GTZ0h9U57seQe5ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81e3a00c8ab32baf-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:41 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6619515815820181&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
block.jpg
delivery.adrecover.com/ 		631 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1698668561433
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 29 Oct 2024 12:22:41 GMT
date
Mon, 30 Oct 2023 12:22:41 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
6398237
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
truncated
/ Frame 00AB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cd674236949e7670af6f47abdbab92d5d39e92dbbad80e93f9f52366ccbc923

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 00AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJtjKKssBMuDgNHzbBpsorQvVPpo5dYbHVUDYRSmlNVrgqNdOKy2aKTuhrPPOSQ6lssJ5Dsz6__jr3cc8sDwPqrtFQMDiflpKncHG1DW20xth0hHVZmNf5Itc6E49m7xzAX193wg-gjwSLta7iz5YPlzT7UwSuliLaUy7No5oKtdBkkLH1tgC4VV27gKetp5Esn0i3JfO_KfWSbdTORHvncg__XmbErEy5QkELf2XG8xK7KiyTgSVpQBrJXL_uHwcIhbBTq95vmQRmKMifFoNylfrEs3OxZtjPpUvaJEYM4BR6P3VXxYe-m6O70S_lWPAgXt4Z&sai=AMfl-YTvS40TwIkEPd5XxAJ2TBCbIPZylWo9Xxz6eD2Mv_PiiwLnmZc-yaxqmbHCRZaUXBNDkVb2YkJhEgqyNncidlHZaO8tNoSBWvNOWlyfnxJrTriU_m2gdJNsAJhWBcwfKU5iDn2BgXa7j5wZ8_c&sig=Cg0ArKJSzEy7Jk86BbACEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:41 GMT
impress
ad.vidverto.io/delivery/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&referrer=&async=1&uid=6441111256&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
277838868b3b898be6194f23f20226e64611d2a75abceddd3818a182b1f46c5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3430461
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230035-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698668562.597668,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 1616812
floating-unit.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffafb3b2b7ed8883608c0f6c2eebb1fc1a9c8e36823699cc33d7bde6d0d1f6af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rqw2Ugo91Yzy_wllkEYuymVHMzUxB5Im
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
VD3J52B0NG5G54B5
age
1101
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2492
x-amz-id-2
V/jiD0a8xzl+zeok840Y76UEoxOtnpLiBYlhHCmYEZPVOSNihSFrXSqYoelj0sui39prGffGMhU=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:20 GMT
server
AmazonS3
x-timer
S1698668562.612850,VS0,VE0
etag
"89e5d8aeb168c38b3748aa6778b82497"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
337
taboola-vignette-new-scanning.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6a18968d1fdab07d46f58e73938aaf6ca8eedb5b9e34ad37a81967331e6ef46

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EYX6nncMzJw8dn5pAMFsZtktlG3.3UTS
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
W6YD362M94MD0WNK
age
1069
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
ygv9+h3oyJfSmSItou4GALYA3IKgSULHcsdN75UAU+vPuQoDwf4kbUZNyARJId10qPZofJhOPm4=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:53 GMT
server
AmazonS3
x-timer
S1698668562.613458,VS0,VE0
etag
"c7688921bbf6b04c2179392cf55ce77a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
247
distance-from-article.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fd1affca65bd2932c1697c29cd1014cd40bddcbad2798d61e1cccd83b0aaaa6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
THoSDC3v0av2W5yDceTdFxaOBzrogCly
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
7ZGGQAP09ER8H4CB
age
1118
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
Qp9ysPywTrDFjfpp0YxZCZRIRjn4OcBGLM4MiNoQzOgBc+wIgXzpIYCEstsTJNFHi2K8HkNsZ+M=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:04 GMT
server
AmazonS3
x-timer
S1698668562.638977,VS0,VE0
etag
"545975a53376d39d36972b7b37a365d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3140
article-detection.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1d9ab508ae370d3465421ef78a14b192a47b95c3a73c1bcdb307df2fae3b2e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MZe0uKWapPu0EQh.BpNW2abTZt0iMEbr
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
JXH3D2DDZ15DXS4W
age
1129
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
X7orf8KQCbcxB3cda/kKqQYM+EkvnwqbZjBKOA24P2EavhmBoGS3DoaRzVB80gTk4AODsQIsT28=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:03:52 GMT
server
AmazonS3
x-timer
S1698668562.638945,VS0,VE0
etag
"049eacbb610949460abc42ba5e2d4a3b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3172
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.0/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
263e178829a87ff33a2978646991a53646a4638d059d3f9e8304523e1f469889

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
184705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34938
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Sat, 28 Oct 2023 09:02:24 GMT
server
AmazonS3
x-timer
S1698668562.694298,VS0,VE0
etag
"6392411b46236574ff2353eefe84756f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ZWVVkqxlzsvxO-XPagQtearezorwcLzIDxOSjguQVGI7-bExVfoBRA==
x-cache-hits
18223
feed-card-placeholder.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8407b65081049e10379952a5f3c0998726ffc0d98a48f2dea5ce2b9e2f283d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z9InWc_n67an_HtYKf7Z6ODKRFU04Tgp
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
6PN4MHVX0JX5NF9W
age
1110
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
FWYpTI1Ra4VXmMJ7JQvQg70Qq+PpqR1NF0YoLVDfRMVbi7ToTdqVhVNORYd+yBgC/upW8eDZwa0=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:11 GMT
server
AmazonS3
x-timer
S1698668562.641763,VS0,VE0
etag
"1e73c73a33e708dece26a13188df3396"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
96
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2927
userx.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc08595502dffde3de6efe7b8b12b5a3a4f32802292324a74aa00faeb18536b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YEsSjmP0_UZPexl_vB90BAWoKF_Fw.wN
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
XFPK9J305N3GP36V
age
1063
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
jhLsJH1gQNX/SzLm4/01iSJ/J5WOII+5DjtFPoi5489Ic8wJnG6ij58in5kd97exKQc9MIVV5aE=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:59 GMT
server
AmazonS3
x-timer
S1698668562.647106,VS0,VE0
etag
"a7329d5b53bc376f5d519abb07c4140e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
872
explore-more.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121c48337b0025672acbece74f3443b209eddc278e8d300ae60705bb575910e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qQhWnyybWdb2Od.jENeK49ZF79BFJgvj
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
AFW3S2NQ9MGK27E8
age
1113
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
U13/sd0IRZHx+RHxNuosj1wK0M5RKsePneGXzNLgenVcmYHvWvAzuCKwa+M5Ne272HyPAztldSA=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:09 GMT
server
AmazonS3
x-timer
S1698668562.659120,VS0,VE0
etag
"af8a482d56e263f4d0e6d269a2f2e6a5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1343
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A22%3A41.602&id=4764&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1698668561603%7D&tim=13%3A22%3A41.603&id=4503&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698668561621%7D&tim=13%3A22%3A41.621&id=534&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A22%3A41.649&id=6755&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
94
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1698668562.676781,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
34
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
143
/
onetag-sys.com/usync/ Frame CB69 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:41 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=4065f904169bcec56ec3d5b0eed6bd6e
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 15:16:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65368e64-16141"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:41 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=0d9be2e0-384f-4b31-983f-7e634fd2774b&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=0d9be2e0-384f-4b31-983f-7e634fd2774b&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=0d9be2e0-384f-4b31-983f-7e634fd2774b&p_id=23
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=eda524d3-db0f-4396-b0c0-e4ca193877f2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=eda524d3-db0f-4396-b0c0-e4ca193877f2&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=64a68355-cbc8-40ac-9c73-8746110319b1&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=64a68355-cbc8-40ac-9c73-8746110319b1&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=64a68355-cbc8-40ac-9c73-8746110319b1&p_id=15
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Mon, 06 Nov 2023 12:22:41 GMT
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
707405a019cd44052f044c98a2acb5a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a86733ac3473da536279a6122c5a1fa6bbc6689aabf987c6eb00798639e9834

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
age
2486867
edge-cache-tag
623339125785972900001252263126646852320,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
623339125785972900001252263126646852320,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
657
expiration
expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cyclismactu.net/
content-length
40196
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200132-IAD, cache-iad-kiad7000095-IAD, cache-sna10731-LGB, cache-iad-kjyo7100097-IAD, cache-fra-eddf8230092-FRA
last-modified
Tue, 19 Sep 2023 09:35:23 GMT
server
nginx
surrogate-reporting
width=2000,height=1500,bytes=91474,owidth=2000,oheight=1500,obytes=117835
x-timer
S1698668562.764794,VS0,VE1
etag
"1f4e9f83944128ecdbf9d2923a13efcc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 9, 0, 29, 1
707405a019cd44052f044c98a2acb5a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7d5f5df4a442a416a3c7ba4965a28d0972f39c039b8712e220e57f83d081eb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
age
3521693
edge-cache-tag
623339125785972900001252263126646852320,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
623339125785972900001252263126646852320,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
526
req-referer
https://ibctamilnadu.com/
content-length
19906
x-request-id
651a28d30e4d596a41bc74314536660b
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200037-IAD, cache-iad-kcgs7200037-IAD, cache-sna10722-LGB, cache-iad-kjyo7100108-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 18 Sep 2023 09:59:25 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=47069,owidth=2000,oheight=1500,obytes=117835
x-timer
S1698668562.764798,VS0,VE1
etag
"3390b16a319dcb5808f64dba6fc2df7a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 245, 1
86574f591fba8b39df23e108d283f3eb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
age
6678694
edge-cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.welingelichtekringen.nl/
content-length
15838
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kiad7000111-IAD, cache-iad-kiad7000026-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 04 Aug 2023 13:06:08 GMT
server
nginx
x-timer
S1698668562.764668,VS0,VE3
etag
"31b3e1f176fa992927126e5c2f0323fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3365, 1
3e9a37287a836e12c9fa1c3327cb6a90.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e9a37287a836e12c9fa1c3327cb6a90.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf58844f0c1441045f45a317339f82c6598aeecbbf8cf50ceb9677e26216f8b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e9a37287a836e12c9fa1c3327cb6a90.jpeg
age
3395695
edge-cache-tag
538152974464509465931510481407109668312,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
538152974464509465931510481407109668312,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
194
expiration
expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://itest.5ch.net/rio2016/test/read.cgi/4sama/1693744061/
content-length
16750
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200044-IAD, cache-iad-kiad7000124-IAD, cache-iad-kcgs7200117-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 25 Aug 2023 12:39:54 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=2250,oheight=1178,obytes=248306
x-timer
S1698668562.795003,VS0,VE1
etag
"10af8cf788243f69a6a204625ed6c9f0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 1
8c6358ff0f54a9dae5ed2f97ad3539f1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
120482bd695bc51f2afed1d91b774fcda15d7ed72dbd9594af3627325e57fc93

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
age
621131
edge-cache-tag
585940684916250660827688673416168602625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
585940684916250660827688673416168602625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
270
req-referer
https://news.walla.co.il/
content-length
38240
x-request-id
34bbbf71dd3f38833ba1cb68d4168b20
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kcgs7200168-IAD, cache-lga21937-LGA, cache-iad-kcgs7200143-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 23 Oct 2023 07:49:58 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=71951,owidth=1200,oheight=800,obytes=1069930
x-timer
S1698668562.795104,VS0,VE1
etag
"6ac0204ac4b8f4ace6bf6467fc8c72ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 0, 1
charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc28d0a176f35b35fa18e9aa2e30a1f7e748abf0860edc1b12c7bcf7ab6f6ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
age
1824994
edge-cache-tag
427087311953370252403554451481363684918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
427087311953370252403554451481363684918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
626
req-referer
https://www.t-online.de/
content-length
4382
x-request-id
2da81ebd420f54cab5193551e73c46dc
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kcgs7200084-IAD, cache-sna10731-LGB, cache-iad-kiad7000060-IAD, cache-fra-eddf8230092-FRA
last-modified
Sun, 20 Aug 2023 23:28:38 GMT
server
nginx
x-timer
S1698668562.798349,VS0,VE1
etag
"1e15d59b9d245cc44814aec23b4c519c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 417, 1
8d6047d3979956e9ec9df08250d72ecf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d6047d3979956e9ec9df08250d72ecf.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffd8aa4fb7360e42b6b088c3e4f2287e909b51c7b252f019694eb15e2e6e963b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d6047d3979956e9ec9df08250d72ecf.jpg
age
5975211
edge-cache-tag
513427785612405079756815756573094494609,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
513427785612405079756815756573094494609,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
286
req-referer
https://www.dadpatrol.com/
content-length
37278
x-request-id
2c98576d9f28ff7d0e4957b7e2cf373b
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200102-IAD, cache-iad-kcgs7200102-IAD, cache-bur-kbur8200156-BUR, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 28 Jul 2023 18:47:32 GMT
server
nginx
x-timer
S1698668562.821146,VS0,VE1
etag
"4047e4fb03951eaeb9c672a3deb4d8db"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 9, 0, 2581, 1
707405a019cd44052f044c98a2acb5a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e65d9bbe6ef1093ec61b6c0cbd8ced68a5341066fc3cd072a6740d2448c78060

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
age
2945360
edge-cache-tag
623339125785972900001252263126646852320,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
623339125785972900001252263126646852320,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
130
expiration
expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.dnaindia.com/
content-length
21378
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100057-IAD, cache-sna10730-LGB, cache-iad-kcgs7200081-IAD, cache-fra-eddf8230092-FRA
last-modified
Tue, 19 Sep 2023 10:29:17 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=51135,owidth=2000,oheight=1500,obytes=117835
x-timer
S1698668562.830218,VS0,VE1
etag
"39a91bc1cc0097b0f47eb3957e2087cf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 38, 1
8c6358ff0f54a9dae5ed2f97ad3539f1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a478b7c3eaab145da40bebe3be19ffd48b62ac1f0a5939978483e38f1c6a69c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
age
615200
edge-cache-tag
585940684916250660827688673416168602625,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
585940684916250660827688673416168602625,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
208
req-referer
https://www.morgenpost.de/
content-length
42842
x-request-id
87236f99a680ff1704a329000c5d8f6f
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200082-IAD, cache-iad-kjyo7100073-IAD, cache-sna10738-LGB, cache-iad-kiad7000060-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 23 Oct 2023 07:50:32 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=78970,owidth=1200,oheight=800,obytes=1069930
x-timer
S1698668562.830636,VS0,VE2
etag
"360be5b2cbe4ba8fa144186ad5acc5b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5, 1, 5, 1
86574f591fba8b39df23e108d283f3eb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64acd66b5e6b21034cf1cbcf982bcd80f5120da5cb4e6576d0594144484ada91

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
age
3044019
edge-cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
217
expiration
expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://leconjugueur.lefigaro.fr/
content-length
37504
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kcgs7200156-IAD, cache-sna10744-LGB, cache-iad-kcgs7200101-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 04 Aug 2023 13:06:08 GMT
server
nginx
x-timer
S1698668562.849020,VS0,VE1
etag
"31b3e1f176fa992927126e5c2f0323fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 35, 1, 62, 1
3e9a37287a836e12c9fa1c3327cb6a90.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e9a37287a836e12c9fa1c3327cb6a90.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b02a2fcdbbb33781e3aa52e4cf6362f0d8fd5443fff073d3783e1042f04da67f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Mon, 30 Oct 2023 12:22:41 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e9a37287a836e12c9fa1c3327cb6a90.jpeg
age
4767140
edge-cache-tag
538152974464509465931510481407109668312,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
538152974464509465931510481407109668312,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
385
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.familie.de/
content-length
44966
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kiad7000101-IAD, cache-sna10727-LGB, cache-iad-kiad7000132-IAD, cache-fra-eddf8230092-FRA
last-modified
Sun, 20 Aug 2023 19:34:05 GMT
server
nginx
x-timer
S1698668562.856994,VS0,VE21
etag
"40622d25c9f84f2fdfddb4859c12234c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 23, 1, 194, 1
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.651&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6293&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=1&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68361
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.652&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=4257&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=2&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68361
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.657&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2158&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=3&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68361
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.658&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9492&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=4&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68361
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.664&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=962&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=5&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68361
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
age
3963098
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 12:22:41 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
age
6931383
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 12:22:41 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 30 Oct 2023 12:22:41 GMT
content-encoding
br
age
3963098
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 12:22:41 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg2Njg1NjE4MjksInBhY2tldElkIjoiMDAwMEE3MDEtNDkzMzljZDctYmFlNy00M2Q2LTk0ZTMtYWNiNGMwYjkzOWYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2902.7999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 883A 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ffeb887608568d9b15448703a0aa2936785ddf09dcff04644270889e6c462a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10068
x-xss-protection
0
server
cafe
etag
12571098093080312014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:42 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B2F7 		714 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
10717
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
81e3a0102a7835f7-FRA
content-encoding
br
content-type
text/html
date
Mon, 30 Oct 2023 12:22:41 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQkp4YRqAaFAet1QOS0JTyy3mA9OROS1BMPcDR6Zu0xiiSYJXMLUEvLuB8lQrF7kvliKqotFp1ljdWQQ5zw5yj6f555LQ9qtKcG88mDqlEaNHiwNvPv%2BqWuB%2BrclVthwLE4v6%2BRLv8T57ZxhzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D82F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:42 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 12:22:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Mon, 30 Oct 2023 12:22:42 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
next-up-widget.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34eeb51e048f4bf762ed7c4c866478e7d5a0f4ef0203d0f2e90380b6f3e16004

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MFpKQnERzNw1St_hVDDgcUktLeZ9iXp.
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
TQCS928JE7VPEW22
age
1097
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
dZEU+s7toShLwUY+FZQaJeBCYYuRckdDI+W0sbQUmyXfVMH6m+jrlqCSgS4RDgKGxDPH//9F5Cs=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:25 GMT
server
AmazonS3
x-timer
S1698668562.951498,VS0,VE0
etag
"b3c396f6b4f2762cffd74da69f4f4886"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
322
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.1875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A22%3A41.953&id=9618&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1247%7D%22%2C%22eventTime%22%3A1698668561956%7D&tim=13%3A22%3A41.956&id=3218&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A22%3A41.966&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9277&cv=20231030-8-RELEASE&lt=deflated&uuid=0e548ea3a6b343da401f68ee4914ef325a50c5e163bff699f1de9e453d4f6f34&dcc=6&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68558
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 12:04:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 12:22:42 GMT
spa-detector.20231030-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231030-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3458b052be4e9c07aacfeaea8c28c821fd9201fe24210086801d4c5efa1ed458

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J9UnOP5_UckdUPMhwyte_LLWbfRpKPb6
content-encoding
gzip
via
1.1 varnish
date
Mon, 30 Oct 2023 12:22:41 GMT
x-amz-request-id
MWNY3P501XJM1H7X
age
1087
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
BZOlJX1S0QCH9r/xb2NRyf2n6QbwpiA1lolrh60Fx8NDsrECicTgqq+vqaEv2TODFG15W/tPywU=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 30 Oct 2023 12:04:36 GMT
server
AmazonS3
x-timer
S1698668562.994106,VS0,VE0
etag
"2b67b963ce0882d6e9a40879002bfd87"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1342
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A22%3A41.969&id=6875&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1698668561978%7D&tim=13%3A22%3A41.978&id=9186&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A22%3A41.980&id=8402&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=9058&lti=deflated&ri=7ddde2c0d4127be2109f560c65cf0071&sd=v2_50547d32ec45366e29490ed680e970fe_84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591_1698668561_1698668561_CNawjgYQ2YJdGOmFpYS4MSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591&pi=/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&wi=-4614402468502495369&pt=text&vi=1698668561129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698668561982%7D&tim=13%3A22%3A41.982&id=2877&llvl=2&cv=20231030-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg2Njg1NjIwMDYsInBhY2tldElkIjoiMDAwMEE3MDEtNDkzMzljZDctYmFlNy00M2Q2LTk0ZTMtYWNiNGMwYjkzOWYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3080
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg2Njg1NjIwMTEsInBhY2tldElkIjoiMDAwMEE3MDEtNDkzMzljZDctYmFlNy00M2Q2LTk0ZTMtYWNiNGMwYjkzOWYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3084.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg2Njg1NjIwMTMsInBhY2tldElkIjoiMDAwMEE3MDEtNDkzMzljZDctYmFlNy00M2Q2LTk0ZTMtYWNiNGMwYjkzOWYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3086.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683120974810258&correlator=3135465297178415&eid=31079073&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&arp=1&abxe=1&dt=1698668562018&lmt=1698664962&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=736758696.1698668561&ga_sid=1698668561&ga_hid=816515634&ga_fc=true&dlt=1698668560711&idt=454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0_pv%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f055223a8b9a3f3084d425da9747d2dcf42e904a8d13316a6a8285babd6b1f82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15626
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449154837
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl_page_level_ads.js?cb=31079073
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:40:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
78113
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
server
cafe
etag
13787945745808829369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 28 Oct 2024 14:40:49 GMT
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B2F7 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f76893cee07289014f8cc2d307fd414c152458d19dc9e2510d4e20982d48619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29453
x-xss-protection
0
server
cafe
etag
698 / 19660 / 31079134 / config-hash: 17201585203636211321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:42 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg2Njg1NjIwMDYsInBhY2tldElkIjoiMDAwMEE3MDEtNDkzMzljZDctYmFlNy00M2Q2LTk0ZTMtYWNiNGMwYjkzOWYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3108.3999938964844
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:42 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 06 Nov 2023 12:22:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 883A 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38ac827e8993209190f726d4e0477ce3c221e8acdb08774e30b6d2c10b6561d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51149
x-xss-protection
0
server
cafe
etag
12742082711385302604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:42 GMT
usync.js
eus.rubiconproject.com/ Frame D82F 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74434
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231030
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2545e9db8fd27d8f072315b91467f140b957e02d17394ea99163bf15e71d9c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30108
x-jsd-version
1.0.1858
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230109-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"639-JIoH0rC3eM5Ma/34pnbUDocs2MQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BsBH8DbJOVEJu6Pe2folpX8RrEhY9CjdfMOoJkY0okIRmXv5KC%2FMfu2HCKVqOiiq9Mkwz%2Bsp2Lz95XfvQmiomXek6Sex5lrwZ7LHni4KYJmtkns8TnEGZbs6CgMlYUkBIPro9S2iJwvv%2Fv8wRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81e3a0120826994a-FRA
adreq
ads.servenobid.com/ 		592 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1942
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e177769af8a2a9730b2463c84f57572d635efe8f94ac57334f2e13875ecd937d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
699ee875f8b62fa0c0fee58a7bab85ad4a7438790fbda54abe5b3bda723f4712

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=d4c87485-905d-464d-88c3-54389fc9c280%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%A0%90%E6%B8%AC%E6%9F%AF%E6%96%87%E5%93%B2%E3%80%81%E9%83%AD%E8%87%BA%E9%8A%98%E5%8F%83%E9%81%B8%E4%B8%8B%E5%A0%B4%E9%99%B3%E6%B0%B4%E6%89%81%EF%BC%9A%E8%94%A1%E8%8B%B1%E6%96%87%E6%87%89%E5%BE%88%E6%B8%85%E6%A5%9A&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=74699b75-83cd-435d-a5cf-23ca0c1324f5%3B37bc49e7-9908-493a-8246-e5c0c164a9ce&l_pb_bid_id=519e9a649b523e%3B625d0e5db1ce63&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=74699b75-83cd-435d-a5cf-23ca0c1324f5%3B37bc49e7-9908-493a-8246-e5c0c164a9ce&rp_maxbids=1&slots=2&rand=0.9844720370435984
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6a261c28e14f1c75a5ff3740c19ca4c1b9a2c13b397ae4e9a8e5065e2c31ba8f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.250.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-250-56.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
194276fa3bf4f4ca68f06b64985abc71492dfd36be9b1847dc33c0738cfe7475

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:41 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e337b8e835936fa69a08b5a9727656d5d5e8eeced8b256f9e97e3b7572760e9d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f607c26594aebf1765ff874998484516267b88b4ce100f86d955362f214ef964

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
81
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 12:22:42 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=36455435137&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		250 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
605c2421f8e6e0ff1e1bdcca941b9401fcda473b55088479a9a8d9407aa490e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
an-x-request-uuid
42ca3cf4-9e3c-4989-a627-f3006cdc36ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81e3a0126e0b92a7-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81e3a0126e1092a7-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid-request
a.teads.tv/hb/ 		2 KB
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3cc453e50fea6c37b754d0d7f23d3ca8f1691ce352d14dd289e9be6a13e6dfe

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
431
expires
Mon, 30 Oct 2023 12:22:42 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
15
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111d1d98c3c9557133f64423dc02659bd2d5c8b3f8fef5f074ea0b62000df8b1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lJWxbr4wTHTiINFm9VOUtkVQ%2FAf35ubyL0mREJ%2FB2MluP4WTQU7n%2BMieJBOZ77bOySXuyqWQPPPCSO%2FK0lmjzp%2FNnc0OwpOyS8mgTIdXxYglepJM9yO0uvuLAfwXhfiavEu75WP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81e3a0125baf18df-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111d1d98c3c9557133f64423dc02659bd2d5c8b3f8fef5f074ea0b62000df8b1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2UgiqoJDkYyMbDtCxZGTQgqzCLt%2BFyhFWgBwA3c9J%2Bt8eVGHU9dA2ZMTM3wEgJNnYVi4UraH571FEPXKOcaSk1rSxgKk4Qe3KkBfnjP3%2BihcC23UXNQyPTL5NVhfJCpDCHuSI3M"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81e3a0125bb518df-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111d1d98c3c9557133f64423dc02659bd2d5c8b3f8fef5f074ea0b62000df8b1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeXnR9dbQ4yvZndDzOH55r6EFS7dohiO64Uy10JRLZu9S5lL8pwgXoKKJRi9tEXvMfKqimZrf2RqbWSmgy7nIBBM33P1fc8T98B1eIZfglaZ6iQkJ0nzQ%2FToDBvQTa1sM7DSKHUq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81e3a0125bb718df-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.140.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-140-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ Frame B2F7 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 13:56:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
80752
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 28 Oct 2024 13:56:50 GMT
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
707405a019cd44052f044c98a2acb5a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e34e977b2406e56929f028862ffbda5ac7ea4634d107223c60ceaad444e1436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
age
3530023
edge-cache-tag
623339125785972900001252263126646852320,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
623339125785972900001252263126646852320,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
431
req-referer
https://stoppapressarna.se/
content-length
3176
x-request-id
8222b18efcd901e6a1f1facbc30d4414
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100164-IAD, cache-lax10646-LGB, cache-iad-kiad7000162-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 18 Sep 2023 09:59:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6092,owidth=2000,oheight=1500,obytes=117835
x-timer
S1698668562.282650,VS0,VE1
etag
"270192bec01242b8cd47ea7b1d28a7fc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 86, 1
8c6358ff0f54a9dae5ed2f97ad3539f1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caf154de4924b9fee9af6219c5a1a15d8e1cfb132987114489ffd622bd7b5e04

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
age
608115
edge-cache-tag
585940684916250660827688673416168602625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
585940684916250660827688673416168602625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
378
req-referer
https://www.schlager.de/
content-length
5754
x-request-id
cfb0a5654b2180c0c3fa43ea65681724
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100089-IAD, cache-iad-kiad7000047-IAD, cache-sna10722-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 23 Oct 2023 07:50:32 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=9006,owidth=1200,oheight=800,obytes=1069930
x-timer
S1698668562.282617,VS0,VE1
etag
"202b6db315f0af33d252df0f8564d4e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2808c04bcca12e9343392a4bd6fcf32089375aa12307e57981ef87c4fbacf49b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
age
1629696
edge-cache-tag
427087311953370252403554451481363684918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
427087311953370252403554451481363684918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Fri, 08 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.livedoor.com/
content-length
2128
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kiad7000121-IAD, cache-iad-kiad7000039-IAD, cache-fra-eddf8230092-FRA
last-modified
Tue, 08 Aug 2023 04:26:48 GMT
server
nginx
x-timer
S1698668562.282701,VS0,VE1
etag
"f06b51603b7004589625f39aec26ec82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 26, 1
st
imprammp.taboola.com/ Frame DF66 		439 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=undefined&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2cd02ca0-d4ab-4d76-83f8-1ad5ecd20745&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d8596369bd570e4b327dbda1a51e0c77452ca7091a69d040d30e344ea541596

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 30 Oct 2023 12:22:42 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230092-FRA
x-timer
S1698668562.302762,VS0,VE10
sync
am-match.taboola.com/ Frame 0E3E 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
67d116fe59195ed04e2a589e8cb08442cbb1b5f4c4cb6cdd070f4c281f366d30

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 30 Oct 2023 12:22:42 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698668562287&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1564&pt=1384933971&tz=60&viewable=true&ddast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1430
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1698668562.302721,VS0,VE33
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=31589837&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1698668558927.3!ts:1698668562278&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-length
0
server
nginx
khaos.json
token.rubiconproject.com/ Frame D82F 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 30 Oct 2023 13:22:42 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 475D 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
210843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Oct 2023 12:22:42 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F0C8 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 30 Oct 2023 12:58:00 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=g82sZLQOSWRJAxzujEQF1CIvDw932yQJglekhZFEfGNfY3Wkw2FR6ZIQewkbJRkg0t%2FxOQUjmojXiOo6nS9NDqed6pAaPaEkux1GMVy2eZkx3L%2BeWQ%2Ffsq8FlJUpEQNAUU8oLpqkFRMiYmvKzt88T%2FgRl7A0jgLb5zIGOyug0Vqr0EtscfiNHZVhiLR9Jw3F5V%2BAltSQRa1OwI%2F5f%2FVQ1MMWvl5TowJ%2F2YosCByrsieVGbRl5wr3WWT3cfDahJSG9%2FERwO5mOIupe6LD5e5oikP2FNVTLICFYRrbybWdjUvRhUNpIhd7V86D%2B83tIFSZlKstbJhP%2FxVRKIvnRuxHeBST2X8MrC2Sco6%2BnBE0xtNXz2WakXV5PtDZlrB3HHNCWKJXKancBTE2WvSbr8X2sIYCoqVfHMUP3YrcJNw2CJS87MbirTIg9wdzmfG814MGXG8NBmfndkD3CzO5L8neyjnPN%2Bk5lfWYPNg4CkBVgJfDnd5c%2BNGXsFVXC%2FQBwY35WjnjPba4Cwrz2a5m8AjTRxjkTjIyT8mh6NQSbW5oGi0hfuCmxaswz9JjALvnMdtcHtvew68um3MzI%2FuV4hX5jQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		176 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
generic
match.adsrvr.org/track/cmf/ Frame DF66 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=undefined&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2cd02ca0-d4ab-4d76-83f8-1ad5ecd20745&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DF66 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=undefined&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2cd02ca0-d4ab-4d76-83f8-1ad5ecd20745&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame DF66 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=undefined&cb=1698668562278&uv=3351&tms=1698668562278&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2cd02ca0-d4ab-4d76-83f8-1ad5ecd20745&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 0E3E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0E3E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_1/infra/ 		813 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8b5dcce5ae52a240d5e98a77a9825119634ec2edb925d279af19908b0371da47

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698126162
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2WEB5HRFKWNGVG4H
age
542094
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698126163
x-amz-meta-mode
33188
content-length
134828
x-amz-id-2
ygRKTSuI30xjbVGQYgC6HPs4F4QQmo0E4dMLgNCxXPBpCxTi+7An+0J9x200fYOXsd7ZnxbmQb8=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Tue, 24 Oct 2023 05:42:44 GMT
server
AmazonS3-br
x-timer
S1698668562.388025,VS0,VE0
etag
"649ccbcf74339543c3d3a922074eb580"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
185276
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698126181
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
DE47W2ZKZKPS5M4W
age
542094
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698126181
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
1jkbc4sVUK5Jfq19URpsqgkSm7yM+pac41seZBKIu3TAfASADbX+2rw/FXF+zKHw+RVUQiMhKts=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Tue, 24 Oct 2023 05:43:02 GMT
server
AmazonS3-br
x-timer
S1698668562.388017,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
474225
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:48:19 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2064
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
qt770eUkbCQo6GzRZH1n2R2BEj6YwFNMZV169JNTBryiejoGHvIwYw==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame 883A 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28fd563a4a1ea2bcc7177e450c605bb349b91ae4649d3b1fa5ec5c79ba428d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137198
x-xss-protection
0
server
cafe
etag
1996803380818558314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:42 GMT
707405a019cd44052f044c98a2acb5a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e34e977b2406e56929f028862ffbda5ac7ea4634d107223c60ceaad444e1436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/707405a019cd44052f044c98a2acb5a8.jpg
age
3530023
edge-cache-tag
623339125785972900001252263126646852320,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
623339125785972900001252263126646852320,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
431
req-referer
https://stoppapressarna.se/
content-length
3176
x-request-id
8222b18efcd901e6a1f1facbc30d4414
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100164-IAD, cache-lax10646-LGB, cache-iad-kiad7000162-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 18 Sep 2023 09:59:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6092,owidth=2000,oheight=1500,obytes=117835
x-timer
S1698668562.416573,VS0,VE0
etag
"270192bec01242b8cd47ea7b1d28a7fc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 86, 2
8c6358ff0f54a9dae5ed2f97ad3539f1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caf154de4924b9fee9af6219c5a1a15d8e1cfb132987114489ffd622bd7b5e04

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c6358ff0f54a9dae5ed2f97ad3539f1.png
age
608115
edge-cache-tag
585940684916250660827688673416168602625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
585940684916250660827688673416168602625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
378
req-referer
https://www.schlager.de/
content-length
5754
x-request-id
cfb0a5654b2180c0c3fa43ea65681724
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100089-IAD, cache-iad-kiad7000047-IAD, cache-sna10722-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 23 Oct 2023 07:50:32 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=9006,owidth=1200,oheight=800,obytes=1069930
x-timer
S1698668562.416563,VS0,VE0
etag
"202b6db315f0af33d252df0f8564d4e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2808c04bcca12e9343392a4bd6fcf32089375aa12307e57981ef87c4fbacf49b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
age
1629696
edge-cache-tag
427087311953370252403554451481363684918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
427087311953370252403554451481363684918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Fri, 08 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.livedoor.com/
content-length
2128
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kiad7000121-IAD, cache-iad-kiad7000039-IAD, cache-fra-eddf8230092-FRA
last-modified
Tue, 08 Aug 2023 04:26:48 GMT
server
nginx
x-timer
S1698668562.416556,VS0,VE0
etag
"f06b51603b7004589625f39aec26ec82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 26, 2
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 90DF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
60800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 19:29:22 GMT
etag
4569948109300706969
expires
Sun, 12 Nov 2023 19:29:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 4AD1 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:44:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 12:22:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 4AD1 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:20:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
72113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8598
x-xss-protection
0
server
cafe
etag
10300645532664441910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 16:20:49 GMT
usync.html
eus.rubiconproject.com/ Frame B10B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:42 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
idsync
sync.aralego.com/ Frame D82F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOCVEJ6V-13-BF9A
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOCVEJ6V-13-BF9A
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 06:17:50 GMT
x-content-type-options
nosniff
age
194692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:55:47 GMT
x-content-type-options
nosniff
age
199615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:42 GMT
usync.js
eus.rubiconproject.com/ Frame B10B 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74434
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
tap.php
pixel.rubiconproject.com/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Q-ML2QDZaMz47Rmxeoj55sn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gghbCxtE2oJJ7PnuXWMufqoHvDRUZS.ZN5SRyw--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gghbCxtE2oJJ7PnuXWMufqoHvDRUZS.ZN5SRyw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gghbCxtE2oJJ7PnuXWMufqoHvDRUZS.ZN5SRyw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D82F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8nUvxUBuRi611QKTKzbBMA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8nUvxUBuRi611QKTKzbBMA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8nUvxUBuRi611QKTKzbBMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7CS4C9A8Y2ARB9HHD2D5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8nUvxUBuRi611QKTKzbBMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9DVkVKNlYtMTMtQkY5QQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEABZqQyJ44FcD5-XhtQPHig&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9DVkVKNlYtMTMtQkY5QQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9DVkVKNlYtMTMtQkY5QQ==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9DVkVKNlYtMTMtQkY5QQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D82F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMxGb8UvOFK1HBMd0f5R4fI&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMxGb8UvOFK1HBMd0f5R4fI&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMxGb8UvOFK1HBMd0f5R4fI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame D82F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
setuid
px.ads.linkedin.com/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOCVEJ6V-13-BF9A
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 13F717F7A3F643CE896F30BA859CE41E Ref B: ZRHEDGE1819 Ref C: 2023-10-30T12:22:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYI7hhLjsSLWq1aUlnIPw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOCVEJ6V-13-BF9A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D82F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5BCr10QuQHytNGwEH8r-hA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5BCr10QuQHytNGwEH8r-hA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5BCr10QuQHytNGwEH8r-hA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8FE09194594MAJ73JS59
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5BCr10QuQHytNGwEH8r-hA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA5OGRiNThhZTk0YmZlZmRmNjA4YjI4ZDY1Zjk2ZjgzODliNmE5Mg
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA5OGRiNThhZTk0YmZlZmRmNjA4YjI4ZDY1Zjk2ZjgzODliNmE5Mg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA5OGRiNThhZTk0YmZlZmRmNjA4YjI4ZDY1Zjk2ZjgzODliNmE5Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D82F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABKl07Kf0AAABlNN5Ezng&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABKl07Kf0AAABlNN5Ezng&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABKl07Kf0AAABlNN5Ezng&expires=30
Date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame D82F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOCVEJ6V-13-BF9A
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:42 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
setuid
ib.adnxs.com/prebid/ Frame D82F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOCVEJ6V-13-BF9A
43 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
an-x-request-uuid
1e7cc8f4-e7e5-4467-a802-247df825b67b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D82F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f2bf897b-88a0-4ada-aea5-88c7203f3f13&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f2bf897b-88a0-4ada-aea5-88c7203f3f13&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f2bf897b-88a0-4ada-aea5-88c7203f3f13&expires=30
Date
Mon, 30 Oct 2023 12:22:43 GMT
Connection
keep-alive
X-CI-RTID
049a307a-b138-4868-8aea-09af6ba3ef42
Content-Length
144
Content-Type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOCVEJ6V-13-BF9A
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame D82F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOCVEJ6V-13-BF9A
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
cksync
hb.yahoo.net/ Frame D82F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOCVEJ6V-13-BF9A&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOCVEJ6V-13-BF9A&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUS5raUI1RTJ1RWIxQkxSUmpwaFMyOVYxc05tSHpMZX5B&ovsid=LOCVEJ6V-13-BF9A&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUS5raUI1RTJ1RWIxQkxSUmpwaFMyOVYxc05tSHpMZX5B&ovsid=LOCVEJ6V-13-BF9A&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
23.48.23.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-4.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 30 Oct 2023 12:22:43 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Mon, 30 Oct 2023 12:22:43 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUS5raUI1RTJ1RWIxQkxSUmpwaFMyOVYxc05tSHpMZX5B&ovsid=LOCVEJ6V-13-BF9A&dpid=58160
date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
liveCS.php
live.primis.tech/live/ Frame D82F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOCVEJ6V-13-BF9A
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOCVEJ6V-13-BF9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
2600:9000:236e:7200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
hlkWXaX1CNaBSW9dKg8m7o63B9DHjM4HtenXBBdsBVjYfO4hiD_X7Q==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		348 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 30 Oct 2023 12:22:42 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10143&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
70
date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59205
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1698668563.825328,VS0,VE70
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a1551001.js
js.genieessp.com/t/551/001/ Frame 1FB7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/551/001/a1551001.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:10:59 GMT
server
nginx
etag
W/"65016e93-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Mon, 30 Oct 2023 12:37:43 GMT
rx_lidar.js
securepubads.g.doubleclick.net/pagead/managed/js/activeview/current/ Frame 1FB7 		187 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/activeview/current/rx_lidar.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
978a1111529218cbe53e77b5d72b1c055d5b4b8dcfa8f857e7ea60cac645018f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2597
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57459
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:39:25 GMT
pixel;r=578407366;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html;uh=e51ed67dfb8d91dc24...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=578407366;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1799381941-1698668562382;pbc=d4c87485-905d-464d-88c3-54389fc9c280;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1698668562840;tzo=-60;ogl=;ses=e1aca74b-5e3f-4274-8538-de0af286ddbd;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame B2F7 		492 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1140702754723076&correlator=4427991004375834&eid=31079126%2C31079134%2C31078978&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1698668562861&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=n4oufq5eqqk4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qM1gLG8h59A3PmuD5Ux9os21EyNvLOOhEWFtJ5rPLS-sYo0I7RZ9GHBsAUwmyv3p-wYJ-tsoyo_tE1F-cu5iej1gc8K4SDlekB4K1EYHJ6ANQWbndpHOQf2kTRKWf1IBJAJBTCyH7PrdqCTrdw8boRZxC54Z71fSK5QOmKbRwqsmaEy47v0RPxNECTPkOxYkLeAyc6EZVbxow&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1979159101.1698668563&ga_sid=1698668563&ga_hid=30226222&ga_fc=false&dlt=1698668562022&idt=601&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f27bbf4f80d22e09b9af3c272cd4cbdb783b1178a5d0c81bd01c02a895f76884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B2F7 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5c981ce03f9e23cf2c3fbe40c692c973cd6fd0b80e5775486beef6bd9feb7d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12177
x-xss-protection
0
container.html
2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6243 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:42 GMT
expires
Tue, 29 Oct 2024 12:22:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:42 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1231168
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1698668563.981900,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
68665
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.4/ 		426 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5af0dc859041c89bf851237f7f3a1e5ecacf33d3ca6b639b56c5ec08e6e9add5

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698483664
date
Mon, 30 Oct 2023 12:22:43 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFFAARTPCHM85DGR
age
184827
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698483676
x-amz-meta-mode
33188
content-length
81953
x-amz-id-2
INdxtVTjYreA7ajvgcqaYb1g/H0J7t6XlnAVLUZPdSOwOZwj3YvZd9Idm5LlHtGcqXNGGh4MAug=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Sat, 28 Oct 2023 09:01:17 GMT
server
AmazonS3-br
x-timer
S1698668563.008602,VS0,VE0
etag
"046e2210e98a96b334df701c991c6569"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
162525
sync
am-match.taboola.com/ Frame F293 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bf4c243f4ae334d8428dfae1f5e414955657154801cb25cae65acbb2fc6691bb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 30 Oct 2023 12:22:43 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&cmcv=&pix=31579697&cb=1698668562995&uv=3351&tms=1698668562995&su=3&abt=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-length
0
server
nginx
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS95dS1jZS1rZS13ZW4temhlLWd1by10YWktbWluZy1jYW4teHVhbi14aWEtY2hhbmctY2hlbi1zaHVpLWJpYW4tY2FpLXlpbmctd2VuLXlpbmctaGVuLXFpbmctY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00OTMzOWNkNy1iYWU3LTQzZDYtOTRlMy1hY2I0YzBiOTM5ZjAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZjZmNzdhYTMtOTI3Yi00YTBhLWFmNmMtMzk3MGRiNWY3YWYyIiwidGltZU9mQXVjdGlvbiI6MTY5ODY2ODU2MjE4NiwiYmlkcyI6W3siY3BtIjowLjA1LCJhZElkIjoiNzY1ZTMxYmIxNGU4NGI3Iiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MjIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4NjY4NTYyNjE3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InJ1Ymljb24iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc2NWUzMWJiMTRlODRiNyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwNX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZjZmNzdhYTMtOTI3Yi00YTBhLWFmNmMtMzk3MGRiNWY3YWYyIiwidGltZU9mQXVjdGlvbiI6MTY5ODY2ODU2MjE4NiwiYmlkcyI6W3siY3BtIjowLjA1LCJhZElkIjoiNzU4MjIxMmRjMDA4ZWJiIiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MjAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4NjY4NTYyNjE1fSx7ImNwbSI6MC4xLCJhZElkIjoiNzdjMTAyYWVmODhlMWRkIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgwNCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg2Njg1NjMwMTl9LHsiY3BtIjowLjEsImFkSWQiOiI3ODIyN2IzZjFmMjFhYmIiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODA1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODY2ODU2MzAyMH0seyJjcG0iOjAuMSwiYWRJZCI6Ijc5ZGFkZTQ4NzM0ZjUwNCIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4MDUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4NjY4NTYzMDIwfSx7ImNwbSI6MC4xLCJhZElkIjoiODAwZTE5M2RlZDc4NmRjIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgwNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg2Njg1NjMwMjF9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc3YzEwMmFlZjg4ZTFkZCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=4099.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		238 KB
239 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16646144-

Response headers

Date
Mon, 30 Oct 2023 12:22:43 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16646144-16890123/16890124
Connection
keep-alive
Content-Length
243980
cookie.js
partner.googleadservices.com/gampad/ Frame 883A 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7df1bd0474b17cf214e5570ffbead38f5ea44f83de4a81363d166b30c1c1252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1B7F 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
237cdfb2609df7d134d1ec9c784c4fbf4df49c30214a66455c239318a6a66683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15767
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 30 Oct 2023 12:22:43 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
3119908
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1698668563.123959,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
383032
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 30 Oct 2023 12:22:43 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
8110
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698668563.124090,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6643
khaos.json
token.rubiconproject.com/ Frame B10B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOCVEJ6V-13-BF9A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683120974810258&correlator=137603961064873&eid=31079073&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&arp=1&abxe=1&dt=1698668563132&lmt=1698664963&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsnxZfiU-cWuiwRKC_bdSoix4kRwEAuJ0Z_zhC2zcolr9tsL650k7MeAis8Wxj6wGj8Ooo6tDrpEyam2m1JcLSc&ga_vid=736758696.1698668561&ga_sid=1698668561&ga_hid=816515634&ga_fc=true&dlt=1698668560711&idt=454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26refresh27Split%3Drefresh_control_2_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D77c102aef88e1dd%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfe760847a95d586e39d0d0f33a82a23a89bd32a3466d4c6c40a2452b4bf082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11767
x-xss-protection
0
google-lineitem-id
5221339621
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294466381
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1683120974810258&correlator=137603961064873&eid=31079073&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&arp=1&abxe=1&dt=1698668563136&lmt=1698664963&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsnxZfiU-cWuiwRKC_bdSoix4kRwEAuJ0Z_zhC2zcolr9tsL650k7MeAis8Wxj6wGj8Ooo6tDrpEyam2m1JcLSc&ga_vid=736758696.1698668561&ga_sid=1698668561&ga_hid=816515634&ga_fc=true&dlt=1698668560711&idt=454&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D765e31bb14e84b7%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1369342bb8d2e449ea1727894b65e851d7205be8ff0c1f206716f107b38a7b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12098
x-xss-protection
0
google-lineitem-id
5221339615
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441555757
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mkDpklRF6G1bhmmWenqvLjvpUAWpHFt9fAtLk8xVbcP2KRQKy18l0FQ%2F8XAVRa6iqphdIUIVNWJPFjJRNk%2FsOrwYWrWVy%2Fu9YKo495g2jq%2F4kmg5tEyaFFwoXvEmFePpz0Nv7EOynr2Jy1x8rjsnIw7HNYgOJ1x2bVaE%2B%2Fx6qpjCOr9TMN4IM6eNA...
ad.vidverto.io/delivery/video/pod/ Frame 475D 		53 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/mkDpklRF6G1bhmmWenqvLjvpUAWpHFt9fAtLk8xVbcP2KRQKy18l0FQ%2F8XAVRa6iqphdIUIVNWJPFjJRNk%2FsOrwYWrWVy%2Fu9YKo495g2jq%2F4kmg5tEyaFFwoXvEmFePpz0Nv7EOynr2Jy1x8rjsnIw7HNYgOJ1x2bVaE%2B%2Fx6qpjCOr9TMN4IM6eNADrUy3KDkrUssR7UbNM8BE8V5HPbKC7u79RfSQigSPud%2FANJFU3WX5MtQRBOGltP8unZ%2FKrxtgoXA2ABi%2FFjj7ToQHhsvkdjkNPrn7rY3oXDbBIOWUUFUEi6YOXY8n%2FPZH6oSQCjH29SjI2Y3JfDnc9pr3yc2%2F2p3z8TX5iEJtOAsPat8qXL1jL0ULEj9yYHKB4mXoHa8Imfkyth5z%2F%2BfVZFBNCC0zWSuP%2BWqz4TlOws1y9ArxjUuaT0T1xyd3TdqijW9JtcXmviA44fi%2Fs2tm%2BQ5yjoLYS9A5dRyn3M07VNA8M99oPL%2B2Khe62S%2BX%2F8hr1s5NpSVFfPpZG%2FCkxhCywA35YBV%2FSivuhyqFhdikxDMBw6HLaHkeWvLM5ts7Dmur%2FlCua4hBww9G53e1a4FaAT%2Bv93Ly4moVzXJTu6pcUmguRm2UyTLqHk%2BeU2OTzNj88Rj5fLDNM8mUj4k2BhSmadrLCkZ5Dn8UMQj0nrUh%2F9Yy%2F5tKHmYOVJAg6TpS3ORL%2F22kewDX7dq0wnW2bJpyt9jQwhiDeQNOw7alBhQ0FzrORyhYKIrfPBUHRVkbqS9FZTXdj8IhFlodclndC2QfK8B%2BMZJqrAYOBtFl85PmIGKVJd1T2av6uBBCZ05fy2AmIqj5no?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3869d7f457714f847553bb43a56e4cd99b40e007e8a0c6361e7f0e5bd19340dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame F293 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F293
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PLGW9HFE2oStNBJplUn77kZsIz4ELK1YSGsK.A--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PLGW9HFE2oStNBJplUn77kZsIz4ELK1YSGsK.A--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31108

Redirect headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PLGW9HFE2oStNBJplUn77kZsIz4ELK1YSGsK.A--~A
content-length
0
sync
x.bidswitch.net/ Frame F293 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.220.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-220-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 8DE3 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
210844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F77C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 30 Oct 2023 12:58:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B2F7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Oct 2023 12:22:43 GMT
csi
csi.gstatic.com/ Frame 475D 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~locveje1&c=6288048498641&slotId=3144024249320.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2EveXUtY2Uta2Utd2VuLXpoZS1ndW8tdGFpLW1pbmctY2FuLXh1YW4teGlhLWNoYW5nLWNoZW4tc2h1aS1iaWFuLWNhaS15aW5nLXdlbi15aW5nLWhlbi1xaW5nLWNodS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveXUtY2Uta2Utd2VuLXpoZS1ndW8tdGFpLW1pbmctY2FuLXh1YW4teGlhLWNoYW5nLWNoZW4tc2h1aS1iaWFuLWNhaS15aW5nLXdlbi15aW5nLWhlbi1xaW5nLWNodS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 29 Oct 2024 12:22:43 GMT
date
Mon, 30 Oct 2023 12:22:04 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
/
adx3.adform.net/adx/ Frame 475D 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 475D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563405&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 475D 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&cust_params=mt_fln%3D1.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563408&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 475D 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&cust_params=mt_fln%3D1.3&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563411&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 475D 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563413&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 475D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563415&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 475D 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&cust_params=mt_fln%3D0.8&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563417&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 475D 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=371501234201618&cust_params=target%3D0.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=CA5727A5-78FE-4C19-B3DC-143131A9D24B&nel=0&eid=44772139%2C44777649%2C44781409%2C44785453%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668563420&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=597393775506659&ged=ve4_td2_tt0_pd2_la2000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
59864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 19:44:59 GMT
expires
Mon, 28 Oct 2024 19:44:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8AAB 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
833d7e22705e3957e978bf7605ff0a393961661750db4ddee3d26389b12bd4b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FkjMSm16haUvjJrrnAZIPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FkjMSm16haUvjJrrnAZIPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:43 GMT
expires
Mon, 30 Oct 2023 12:22:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 1AB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulUN8lCSr-HAigS_A6aEzNUmQ4t_FSbVsck4DIj0GdiddfBW9YjS8Sx0eQcm0EWtqeCXI__LNjPaaPIGg7HYtesNUoBPev358ygNA623QQv_eID5jL1Wm-nZE9idRRK1UhzoNlRfdL2p-6xG7tyFbHJsN1N7Mp9EIOsqpuKpySLAoMiPisqw9xC9cgFLtnZmtlD3fCBUY1nN5vWZbKg2NO1Z1kMaHSu28GuKRe-QO4Vsa9aPy0jaZ8XKwuWvCpPCKO9RVzN-avN9CDMXeV1-laMGUtpX4yg2vmpewGHpsZNh8t2O5kdFYfnDM8CyrlvFvglDiRYpxJIIKUkbAuijXultj73WkX&sai=AMfl-YSCMtwDkIHNwjqXHbC5qzt1RZ4xcBPV1EtxGgDX56b6ze4MWoWyB-RxCUe0GAAf9LWhELnsRSLxfdICdMkAJy2WB5_D3ovdJhhEW2AmwnloaZ6_cOiflWPPfvHJ6g&sig=Cg0ArKJSzGidLuetDy1sEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3B2D 		267 B
121 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNVMFln1Xs2yi6CcuTaiCm4G9SkqyvlPT3-GHoYMNYZCxsgx_A9PYhXn-ZtSoAkQidQ7ir_Y1SnlmIPn-scHuy1aPjmSIw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1AB4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:43 GMT
r62eglto.js
ad4m.at/ Frame 1AB4 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
280523
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFSaDZG9xtoBuI3WoSfIR%2FKSmC3fER7TIBbBOBWWmfnjbQDw64%2FoLFnnQ7%2BVDNcxjlR3mzUBY1ary8LXkjp4ZcC6umVQmfPsWF%2F9fat6HR9eF2pjx1cQvznFMfuqKnXSs0VvgW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
81e3a01a1cbe9be0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 27 Oct 2023 06:27:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DT9Oc9zvpUKTGnuiceT5uIt5o5kTzOHmnyBdhJM4s5DGPbMGKDhtW0gwxqVqV_4FGPyziYbIDbFSKrt2S769faiaiyqm77W6_fgmOUFL3f_IPr82Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17194141723031649970&x=8&ct=77
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0a9b18de-ebd5-444f-bb72-9c6a5b8e47e1
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1AB4 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/0a9b18de-ebd5-444f-bb72-9c6a5b8e47e1?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563B526B7728CC60D087183D3E6CBFE02ACF8784A3DF795056277D29063B1DBC8882B4106BA42B5830BA9F0BE1F8337FD75D8A161C6198549E69CA40C81D233B824C01BCD94F5EF8021496B879F01F8B1ACF6DECA1360A002FD753653B1EB51FED716A591E0EAD8E0E74F7CFA26A595B831014DD8147029F9E67F1CA1D67F7645BF27EF4CF4681AB02A095784C189B7DF22471F44EC3EAFFD43730C4877E5328C7FAAE81D62D21E7ED0B9B0BC6EF7900FC0A46E0C338056D8A9A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:42 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1AB4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:43 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS95dS1jZS1rZS13ZW4temhlLWd1by10YWktbWluZy1jYW4teHVhbi14aWEtY2hhbmctY2hlbi1zaHVpLWJpYW4tY2FpLXlpbmctd2VuLXlpbmctaGVuLXFpbmctY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00OTMzOWNkNy1iYWU3LTQzZDYtOTRlMy1hY2I0YzBiOTM5ZjAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwicmVzcG9uc2VUaW1lIjo0MjIsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InJ1Ymljb24iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA1LCJ3aW5uZXJBZFVuaXRJZCI6Ijc2NWUzMWJiMTRlODRiNyIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbNSwzXSwic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDkwIiwicHJlYmlkQXVjdGlvbklkIjoiZjZmNzdhYTMtOTI3Yi00YTBhLWFmNmMtMzk3MGRiNWY3YWYyIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4525.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 6EA2 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 08:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
13204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 08:42:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3B2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENtFi8Hddh0xFRRuY1ktFSE&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENtFi8Hddh0xFRRuY1ktFSE&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=efffa26a7bed60e21a8b25cb7d735d95&uid=efffa26a7bed60e21a8b25cb7d735...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNVMFln1Xs2yi6CcuTaiCm4G9SkqyvlPT3-GHoYMNYZCxsgx_A9PYhXn-ZtSoAkQidQ7ir_Y1SnlmIPn-scHuy1aPjmSIw
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:43 GMT
Last-Modified
Mon, 30 Oct 2023 12:22:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3B2D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNVMFln1Xs2yi6CcuTaiCm4G9SkqyvlPT3-GHoYMNYZCxsgx_A9PYhXn-ZtSoAkQidQ7ir_Y1SnlmIPn-scHuy1aPjmSIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		136 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=163840-

Response headers

Date
Mon, 30 Oct 2023 12:22:43 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 163840-16890123/16890124
Connection
keep-alive
Content-Length
16726284
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3710212953190&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3710212953190&version=m202309260101&ct=77&x=8&cor=17194141723031650000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1AB4 		32 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dr_Zd7Dhn6KjgU2HkCM2EkIDCDf_qfTddoEQsAfeO6Ng2xpiFEI3IIFswr2rZgwQy7Ic_250XrE1nevIoQ9rj5nl-3qGVNjK0OEFcT4QdAdKdI4m5hgYUKFy03MHewP5IKSP5OAqedlFLhGqikZV-b7OgoDv1Wkl5s2RMPrTxDhzoXEyc&cry=1&dbm_d=AKAmf-AVpR-KnCj4-LuEY0gfAJk5v5uE6lXJqHvmynV1l57WITclSb-7G6dvREN7ucmOi_KdA9BKyPCw-IKcVaVxc9AWk0dLYDHsX2eO6h-5dB7L5lw0U63J2kWnOPk0xDNyMGNDnw9m3t5RZvPz2fdvO3Y8mjGUi2rrrLMQH_M_avIhd_AxJpp27o-4PZSfZdwew2WKTpYYdV5La0jHZKdu6aDvjMo0lJAXgoWrzcNtDNJRQc3mw3qVvojKLKowUqfsyiPSSi_xz_NkeGqEgx9H24zUa1Qp-irGSUz08f4MWRrry7erjSH-CMtJ2AwV66jeWBMHuXs8tpEGmqAlZ2oqGxygP-1AoVrwPUdJsEyDELubsWo9Nl8Ydo8FmOFkJP5xnZWAdORwB41q1fQciaravRYbVB4S12dMLJ9oQzJdCj0IsPIyXTU95TVezVJZGLEX682WA7GyWD_r2RHBS5fj26yZgWr4PIeuUDoUiPN4bjKyyVpI3kOrjxYRWe3Yp0XIXP2ERLwGRdDwGe2YMStfknCQACztB7x4maReq1H4NbE9fonFtmq1gYr-3zBtXbnTBmRKYE2oKdiYtSPqVpVHS08pMI-yYbdpoygGHQ54TaleC1xfO2EZtL3XxXqKYFeryHRcjCSPgNl0qvA2Pr2PmcHbL2hbP1wsNIbQOX9aMelZD47D_ccwQi6bgGNHJf9zPKYB1OwTGNVxcSA3PxL8jwqHuTy24yz6AKBfue2nfr92cE5eID0qIGS_Q-j49UhTpF_ULa7nTxEXVk6FD-q0JvrM1gbGWL8Mt43swypIMItq7-jsPE0t_P-G8CfXpGCMV485y3lo2M8bfHz_1TePYNdIw53pqjtfoM74AyjEFBncMuV1sNgdtBXahdk7ngUJ1nCh8ShHYEfryUQzOum0RqUN8lV-mWe18xnlXYkv8ZlkWBAexvQGnqC_Iy2zbgHayZHOrCvLd5d4-Wzm6SwPsB2afypcUcvKVhNvz2OuokdCcIlxsyhaKdlzdWzgULQ7K8msq4ZzRT3VPnvxlfrCWqMtJQ7UM-OwzLEtOCQsju_em9ZRocINWZyrRRAppwtxok9qmNKzC4yvNysfxFE8S34vVuIWy-uyNyfBgdbowU49ZQkpJX1ohL8sCDS323ipx2iTwFzjydenhj5gz_4Rz1smqfPsZDxhRL5VygM7F6TIwOU73AIO2dFN31qI6DPv2oLUR58GR3bYFv9m-xjd_mSUiXjfmd78Gs-wJzln3av6zLWChSIO5zQTUnZ0Xo9ShaQEUFtg5lEa9FuJePf0DGM8qv5UrOyetNCZc_PlKyRdPGhlPxx2lXShEQckSEbPqcKGseXOTm-gHV5zE66idk57k8Ige8IvMp1y_pCTrVbBxWTA6oc4r8CDsFGFiZHJy51yUgS3vyaKXSMJX4-LAkc23vJYjf721snkihD9okC90x-8g9qFLDxt71ph6X3IegC24XZ5-rWp8o8j1VmQRM3f9pVBkmKVnZxEXEJKJjxQHngWZU0_-ZNXBwpQR1ghH4COIy5yT9humRE3K-Rx3ptVo3vyQ--IkRbtI17fJodaZlgWIlBhD6qz1KClwn4lWfilpYNzALBoDj76FL0vW9csTFyMVod4B5Clz_1U83nKTNEBl0Tc9tPysi8_j7kk8cX8VR9VJAXW_Eu2YMbbhlg4JYTsahxgPdEbfbns7cIe0oaVRoTNUB7GE-RnSsr5UchDHQOgePtu-KzM5DHQx8I2w3JGZXpZ8nINRXOZAB5gOwD1iEl36Q8EcRaERJVAK2VYiROGi_0R2vuYVPWSC2F4MJYJAv5N_mNTBj144TSQ-XIYkGJ3LCkaaKD7BGskplgiZKt62M0fUtEZJVm26d57NN5-E71EaaN8uslEzM9_QMaD-9s92Ea2jXtgdPwcfaNmWChS30hAmXFsVfzyz8IOtVOVBYFPwmWIK1cbASK3HJfENMG9Lg6ZaUvErMLkEWqSoA-3ONfc8cCLlmTJf3rW-Rew_CwvvPkR4Brf3S9L31Tvj60VGi9UWDkRxJlfp8-JHCIh--dB3abA-3Iytue6bbOnRHJ1D_TMWPkRO5hlk0-yIL7-8_q406iRwEjaMXBiCJXdYj9OXg_2Rd2Etq8eiDhSMQvM6uApb2o3J76-cD8FclG0XZpL5P41n4SxPEKbFu67F8Qr3IjqXCfczK6jRBBom4b6PJx8qNWQYBQga3tDVuZT5omhc_euXtjxFTcv4X5bVFb0726wDgLwk2KaxWSUzBHY1BEM-Kh9HXcZEEcJeHXEhwwnAapcBjFqm3ynFlNL0Nm8tmQAqIULVnITQJmU_dZQ4Vhl3cVbBB10epz_9bUbM8l0KRAiOVD3dnDBxwAWEXlf5WCwt97ReEklatvyemj3TectvnNpa-KRCe7kIBXLjJV9xlnUWi8u_TXFnXJm9aAxK0MF5NQCTcv542GlhA66I3Fp8HbKwzmEckqSAKF00R5BYVn9AtCb6yMIQWVF2XaOhkVCF82botX1x81QLlqQbU34lUh1fKVuu8Psad7i_iXHDbTt-T2O3MX8KnS13Ic08qDZfQk-eD4mY6-l7bowEJmK4WlSFpwCjS3bU5w3BJbJc1aL6884hi7AHAbvmr8KAbNWptxCwvl79Fd7qzMSaQZOFNPhb7wqTFfT0RCfKMQDdFLAcaI9ua_KX3KyDjkFRYED9IERs5CjsICijEcC4I49qnMED77mSOOMBvhIFTFi3EmVMVTwJUgYm_DUbELZcmVnp7oLpxMzikRWYv6tO2ERkbXzU0EB8ZJnxAyq_uDIZttrT9slyJ-I7_jxdb_HmCuemZlggV0HkIij1o7KPA1W7Xa95Qpis_N2CyrocIN17h80ISIGVEoA3CcSfPUJg3f1lk55GsYbh2Q9spz4DChnaykSVZtQJd6B5NW0lFPfyevBfbIA-_Utnc-RURCpP7jQtlCR95TXMCm_oT9LM8XcVY7Zz_Qc4cKzRhC8IDUZ6LAafbNrg83HLGShO7HXSJ3IVFT8O9c77uXe_kInB4FnVXCjrdowECZ1u_AXfEJUYFf5B0mImWSEW3_Sxv57Cvk7YSqq2YKHRMDJCJJSIZ0UmW1z1hw7pIAE4ZDqQjl9OJ253RLIfjZY3yawMdaI1DyZL2kB-ay3KDzKQyQNAOkHJ8a1-_Wq_EQ76XoNruSW3spJlaio99TVLuUiR4DaVWkXkJJfcCJsQvxidCslsu_zjooxkrGKmE0BeK0XusXFdoVNBTVCQ86Y9Fjig6YVyzr_qW5OJBsM6rbZVguniUmIP-KeYoOSTUlqElUC7TQq6RjdkDirc9QR_ipq2IkjYycrRBk0wtf4Cgw1i9CzuKH9HeMZVoSldyk9ExhaE4heuOX2Fn_-tU6i7LWa-nRbF8NThKQcLwkC1c9xTboZy2LmVyMCQ3fs-UMpUBJgaiMSyrH0nCOgupXxrhTo8g7ghFV_ZTqBZWuVuMyyeW4ho43FE4e0M-2YiSj-2VIhHxLz9WSr2LTFx3SQw8JEW0OHNR7OBDC6KotFK5GX72Xk-utE6MeUrkWa-IMvgNm_bEfn5-L9KcBNRmYLru77WC7vrKTZg2z8NCQsWZBxNQmGg_bd4k3rZqZT2jiF38VdavbDcekJ26agcYT6F6pX&pr=8%3A1192B2C83A8D3567&cid=CAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ds=l&xdt=0&iif=1&cor=17194141723031650000&adk=1830721898&idt=78&cac=0&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
002d7f468210de71d46d1699840ed74fec4da08867525caefef95b3f9641051e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19273
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8AAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=1140702754723076&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6EA2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g3SKLQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 475D 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~locvejxh&c=6288048498641&slotId=3144024249320.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44785453%2C44802463&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 1AB4 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dr_Zd7Dhn6KjgU2HkCM2EkIDCDf_qfTddoEQsAfeO6Ng2xpiFEI3IIFswr2rZgwQy7Ic_250XrE1nevIoQ9rj5nl-3qGVNjK0OEFcT4QdAdKdI4m5hgYUKFy03MHewP5IKSP5OAqedlFLhGqikZV-b7OgoDv1Wkl5s2RMPrTxDhzoXEyc&cry=1&dbm_d=AKAmf-AVpR-KnCj4-LuEY0gfAJk5v5uE6lXJqHvmynV1l57WITclSb-7G6dvREN7ucmOi_KdA9BKyPCw-IKcVaVxc9AWk0dLYDHsX2eO6h-5dB7L5lw0U63J2kWnOPk0xDNyMGNDnw9m3t5RZvPz2fdvO3Y8mjGUi2rrrLMQH_M_avIhd_AxJpp27o-4PZSfZdwew2WKTpYYdV5La0jHZKdu6aDvjMo0lJAXgoWrzcNtDNJRQc3mw3qVvojKLKowUqfsyiPSSi_xz_NkeGqEgx9H24zUa1Qp-irGSUz08f4MWRrry7erjSH-CMtJ2AwV66jeWBMHuXs8tpEGmqAlZ2oqGxygP-1AoVrwPUdJsEyDELubsWo9Nl8Ydo8FmOFkJP5xnZWAdORwB41q1fQciaravRYbVB4S12dMLJ9oQzJdCj0IsPIyXTU95TVezVJZGLEX682WA7GyWD_r2RHBS5fj26yZgWr4PIeuUDoUiPN4bjKyyVpI3kOrjxYRWe3Yp0XIXP2ERLwGRdDwGe2YMStfknCQACztB7x4maReq1H4NbE9fonFtmq1gYr-3zBtXbnTBmRKYE2oKdiYtSPqVpVHS08pMI-yYbdpoygGHQ54TaleC1xfO2EZtL3XxXqKYFeryHRcjCSPgNl0qvA2Pr2PmcHbL2hbP1wsNIbQOX9aMelZD47D_ccwQi6bgGNHJf9zPKYB1OwTGNVxcSA3PxL8jwqHuTy24yz6AKBfue2nfr92cE5eID0qIGS_Q-j49UhTpF_ULa7nTxEXVk6FD-q0JvrM1gbGWL8Mt43swypIMItq7-jsPE0t_P-G8CfXpGCMV485y3lo2M8bfHz_1TePYNdIw53pqjtfoM74AyjEFBncMuV1sNgdtBXahdk7ngUJ1nCh8ShHYEfryUQzOum0RqUN8lV-mWe18xnlXYkv8ZlkWBAexvQGnqC_Iy2zbgHayZHOrCvLd5d4-Wzm6SwPsB2afypcUcvKVhNvz2OuokdCcIlxsyhaKdlzdWzgULQ7K8msq4ZzRT3VPnvxlfrCWqMtJQ7UM-OwzLEtOCQsju_em9ZRocINWZyrRRAppwtxok9qmNKzC4yvNysfxFE8S34vVuIWy-uyNyfBgdbowU49ZQkpJX1ohL8sCDS323ipx2iTwFzjydenhj5gz_4Rz1smqfPsZDxhRL5VygM7F6TIwOU73AIO2dFN31qI6DPv2oLUR58GR3bYFv9m-xjd_mSUiXjfmd78Gs-wJzln3av6zLWChSIO5zQTUnZ0Xo9ShaQEUFtg5lEa9FuJePf0DGM8qv5UrOyetNCZc_PlKyRdPGhlPxx2lXShEQckSEbPqcKGseXOTm-gHV5zE66idk57k8Ige8IvMp1y_pCTrVbBxWTA6oc4r8CDsFGFiZHJy51yUgS3vyaKXSMJX4-LAkc23vJYjf721snkihD9okC90x-8g9qFLDxt71ph6X3IegC24XZ5-rWp8o8j1VmQRM3f9pVBkmKVnZxEXEJKJjxQHngWZU0_-ZNXBwpQR1ghH4COIy5yT9humRE3K-Rx3ptVo3vyQ--IkRbtI17fJodaZlgWIlBhD6qz1KClwn4lWfilpYNzALBoDj76FL0vW9csTFyMVod4B5Clz_1U83nKTNEBl0Tc9tPysi8_j7kk8cX8VR9VJAXW_Eu2YMbbhlg4JYTsahxgPdEbfbns7cIe0oaVRoTNUB7GE-RnSsr5UchDHQOgePtu-KzM5DHQx8I2w3JGZXpZ8nINRXOZAB5gOwD1iEl36Q8EcRaERJVAK2VYiROGi_0R2vuYVPWSC2F4MJYJAv5N_mNTBj144TSQ-XIYkGJ3LCkaaKD7BGskplgiZKt62M0fUtEZJVm26d57NN5-E71EaaN8uslEzM9_QMaD-9s92Ea2jXtgdPwcfaNmWChS30hAmXFsVfzyz8IOtVOVBYFPwmWIK1cbASK3HJfENMG9Lg6ZaUvErMLkEWqSoA-3ONfc8cCLlmTJf3rW-Rew_CwvvPkR4Brf3S9L31Tvj60VGi9UWDkRxJlfp8-JHCIh--dB3abA-3Iytue6bbOnRHJ1D_TMWPkRO5hlk0-yIL7-8_q406iRwEjaMXBiCJXdYj9OXg_2Rd2Etq8eiDhSMQvM6uApb2o3J76-cD8FclG0XZpL5P41n4SxPEKbFu67F8Qr3IjqXCfczK6jRBBom4b6PJx8qNWQYBQga3tDVuZT5omhc_euXtjxFTcv4X5bVFb0726wDgLwk2KaxWSUzBHY1BEM-Kh9HXcZEEcJeHXEhwwnAapcBjFqm3ynFlNL0Nm8tmQAqIULVnITQJmU_dZQ4Vhl3cVbBB10epz_9bUbM8l0KRAiOVD3dnDBxwAWEXlf5WCwt97ReEklatvyemj3TectvnNpa-KRCe7kIBXLjJV9xlnUWi8u_TXFnXJm9aAxK0MF5NQCTcv542GlhA66I3Fp8HbKwzmEckqSAKF00R5BYVn9AtCb6yMIQWVF2XaOhkVCF82botX1x81QLlqQbU34lUh1fKVuu8Psad7i_iXHDbTt-T2O3MX8KnS13Ic08qDZfQk-eD4mY6-l7bowEJmK4WlSFpwCjS3bU5w3BJbJc1aL6884hi7AHAbvmr8KAbNWptxCwvl79Fd7qzMSaQZOFNPhb7wqTFfT0RCfKMQDdFLAcaI9ua_KX3KyDjkFRYED9IERs5CjsICijEcC4I49qnMED77mSOOMBvhIFTFi3EmVMVTwJUgYm_DUbELZcmVnp7oLpxMzikRWYv6tO2ERkbXzU0EB8ZJnxAyq_uDIZttrT9slyJ-I7_jxdb_HmCuemZlggV0HkIij1o7KPA1W7Xa95Qpis_N2CyrocIN17h80ISIGVEoA3CcSfPUJg3f1lk55GsYbh2Q9spz4DChnaykSVZtQJd6B5NW0lFPfyevBfbIA-_Utnc-RURCpP7jQtlCR95TXMCm_oT9LM8XcVY7Zz_Qc4cKzRhC8IDUZ6LAafbNrg83HLGShO7HXSJ3IVFT8O9c77uXe_kInB4FnVXCjrdowECZ1u_AXfEJUYFf5B0mImWSEW3_Sxv57Cvk7YSqq2YKHRMDJCJJSIZ0UmW1z1hw7pIAE4ZDqQjl9OJ253RLIfjZY3yawMdaI1DyZL2kB-ay3KDzKQyQNAOkHJ8a1-_Wq_EQ76XoNruSW3spJlaio99TVLuUiR4DaVWkXkJJfcCJsQvxidCslsu_zjooxkrGKmE0BeK0XusXFdoVNBTVCQ86Y9Fjig6YVyzr_qW5OJBsM6rbZVguniUmIP-KeYoOSTUlqElUC7TQq6RjdkDirc9QR_ipq2IkjYycrRBk0wtf4Cgw1i9CzuKH9HeMZVoSldyk9ExhaE4heuOX2Fn_-tU6i7LWa-nRbF8NThKQcLwkC1c9xTboZy2LmVyMCQ3fs-UMpUBJgaiMSyrH0nCOgupXxrhTo8g7ghFV_ZTqBZWuVuMyyeW4ho43FE4e0M-2YiSj-2VIhHxLz9WSr2LTFx3SQw8JEW0OHNR7OBDC6KotFK5GX72Xk-utE6MeUrkWa-IMvgNm_bEfn5-L9KcBNRmYLru77WC7vrKTZg2z8NCQsWZBxNQmGg_bd4k3rZqZT2jiF38VdavbDcekJ26agcYT6F6pX&pr=8%3A1192B2C83A8D3567&cid=CAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ds=l&xdt=0&iif=1&cor=17194141723031650000&adk=1830721898&idt=78&cac=0&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
72438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 16:15:25 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1AB4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dr_Zd7Dhn6KjgU2HkCM2EkIDCDf_qfTddoEQsAfeO6Ng2xpiFEI3IIFswr2rZgwQy7Ic_250XrE1nevIoQ9rj5nl-3qGVNjK0OEFcT4QdAdKdI4m5hgYUKFy03MHewP5IKSP5OAqedlFLhGqikZV-b7OgoDv1Wkl5s2RMPrTxDhzoXEyc&cry=1&dbm_d=AKAmf-AVpR-KnCj4-LuEY0gfAJk5v5uE6lXJqHvmynV1l57WITclSb-7G6dvREN7ucmOi_KdA9BKyPCw-IKcVaVxc9AWk0dLYDHsX2eO6h-5dB7L5lw0U63J2kWnOPk0xDNyMGNDnw9m3t5RZvPz2fdvO3Y8mjGUi2rrrLMQH_M_avIhd_AxJpp27o-4PZSfZdwew2WKTpYYdV5La0jHZKdu6aDvjMo0lJAXgoWrzcNtDNJRQc3mw3qVvojKLKowUqfsyiPSSi_xz_NkeGqEgx9H24zUa1Qp-irGSUz08f4MWRrry7erjSH-CMtJ2AwV66jeWBMHuXs8tpEGmqAlZ2oqGxygP-1AoVrwPUdJsEyDELubsWo9Nl8Ydo8FmOFkJP5xnZWAdORwB41q1fQciaravRYbVB4S12dMLJ9oQzJdCj0IsPIyXTU95TVezVJZGLEX682WA7GyWD_r2RHBS5fj26yZgWr4PIeuUDoUiPN4bjKyyVpI3kOrjxYRWe3Yp0XIXP2ERLwGRdDwGe2YMStfknCQACztB7x4maReq1H4NbE9fonFtmq1gYr-3zBtXbnTBmRKYE2oKdiYtSPqVpVHS08pMI-yYbdpoygGHQ54TaleC1xfO2EZtL3XxXqKYFeryHRcjCSPgNl0qvA2Pr2PmcHbL2hbP1wsNIbQOX9aMelZD47D_ccwQi6bgGNHJf9zPKYB1OwTGNVxcSA3PxL8jwqHuTy24yz6AKBfue2nfr92cE5eID0qIGS_Q-j49UhTpF_ULa7nTxEXVk6FD-q0JvrM1gbGWL8Mt43swypIMItq7-jsPE0t_P-G8CfXpGCMV485y3lo2M8bfHz_1TePYNdIw53pqjtfoM74AyjEFBncMuV1sNgdtBXahdk7ngUJ1nCh8ShHYEfryUQzOum0RqUN8lV-mWe18xnlXYkv8ZlkWBAexvQGnqC_Iy2zbgHayZHOrCvLd5d4-Wzm6SwPsB2afypcUcvKVhNvz2OuokdCcIlxsyhaKdlzdWzgULQ7K8msq4ZzRT3VPnvxlfrCWqMtJQ7UM-OwzLEtOCQsju_em9ZRocINWZyrRRAppwtxok9qmNKzC4yvNysfxFE8S34vVuIWy-uyNyfBgdbowU49ZQkpJX1ohL8sCDS323ipx2iTwFzjydenhj5gz_4Rz1smqfPsZDxhRL5VygM7F6TIwOU73AIO2dFN31qI6DPv2oLUR58GR3bYFv9m-xjd_mSUiXjfmd78Gs-wJzln3av6zLWChSIO5zQTUnZ0Xo9ShaQEUFtg5lEa9FuJePf0DGM8qv5UrOyetNCZc_PlKyRdPGhlPxx2lXShEQckSEbPqcKGseXOTm-gHV5zE66idk57k8Ige8IvMp1y_pCTrVbBxWTA6oc4r8CDsFGFiZHJy51yUgS3vyaKXSMJX4-LAkc23vJYjf721snkihD9okC90x-8g9qFLDxt71ph6X3IegC24XZ5-rWp8o8j1VmQRM3f9pVBkmKVnZxEXEJKJjxQHngWZU0_-ZNXBwpQR1ghH4COIy5yT9humRE3K-Rx3ptVo3vyQ--IkRbtI17fJodaZlgWIlBhD6qz1KClwn4lWfilpYNzALBoDj76FL0vW9csTFyMVod4B5Clz_1U83nKTNEBl0Tc9tPysi8_j7kk8cX8VR9VJAXW_Eu2YMbbhlg4JYTsahxgPdEbfbns7cIe0oaVRoTNUB7GE-RnSsr5UchDHQOgePtu-KzM5DHQx8I2w3JGZXpZ8nINRXOZAB5gOwD1iEl36Q8EcRaERJVAK2VYiROGi_0R2vuYVPWSC2F4MJYJAv5N_mNTBj144TSQ-XIYkGJ3LCkaaKD7BGskplgiZKt62M0fUtEZJVm26d57NN5-E71EaaN8uslEzM9_QMaD-9s92Ea2jXtgdPwcfaNmWChS30hAmXFsVfzyz8IOtVOVBYFPwmWIK1cbASK3HJfENMG9Lg6ZaUvErMLkEWqSoA-3ONfc8cCLlmTJf3rW-Rew_CwvvPkR4Brf3S9L31Tvj60VGi9UWDkRxJlfp8-JHCIh--dB3abA-3Iytue6bbOnRHJ1D_TMWPkRO5hlk0-yIL7-8_q406iRwEjaMXBiCJXdYj9OXg_2Rd2Etq8eiDhSMQvM6uApb2o3J76-cD8FclG0XZpL5P41n4SxPEKbFu67F8Qr3IjqXCfczK6jRBBom4b6PJx8qNWQYBQga3tDVuZT5omhc_euXtjxFTcv4X5bVFb0726wDgLwk2KaxWSUzBHY1BEM-Kh9HXcZEEcJeHXEhwwnAapcBjFqm3ynFlNL0Nm8tmQAqIULVnITQJmU_dZQ4Vhl3cVbBB10epz_9bUbM8l0KRAiOVD3dnDBxwAWEXlf5WCwt97ReEklatvyemj3TectvnNpa-KRCe7kIBXLjJV9xlnUWi8u_TXFnXJm9aAxK0MF5NQCTcv542GlhA66I3Fp8HbKwzmEckqSAKF00R5BYVn9AtCb6yMIQWVF2XaOhkVCF82botX1x81QLlqQbU34lUh1fKVuu8Psad7i_iXHDbTt-T2O3MX8KnS13Ic08qDZfQk-eD4mY6-l7bowEJmK4WlSFpwCjS3bU5w3BJbJc1aL6884hi7AHAbvmr8KAbNWptxCwvl79Fd7qzMSaQZOFNPhb7wqTFfT0RCfKMQDdFLAcaI9ua_KX3KyDjkFRYED9IERs5CjsICijEcC4I49qnMED77mSOOMBvhIFTFi3EmVMVTwJUgYm_DUbELZcmVnp7oLpxMzikRWYv6tO2ERkbXzU0EB8ZJnxAyq_uDIZttrT9slyJ-I7_jxdb_HmCuemZlggV0HkIij1o7KPA1W7Xa95Qpis_N2CyrocIN17h80ISIGVEoA3CcSfPUJg3f1lk55GsYbh2Q9spz4DChnaykSVZtQJd6B5NW0lFPfyevBfbIA-_Utnc-RURCpP7jQtlCR95TXMCm_oT9LM8XcVY7Zz_Qc4cKzRhC8IDUZ6LAafbNrg83HLGShO7HXSJ3IVFT8O9c77uXe_kInB4FnVXCjrdowECZ1u_AXfEJUYFf5B0mImWSEW3_Sxv57Cvk7YSqq2YKHRMDJCJJSIZ0UmW1z1hw7pIAE4ZDqQjl9OJ253RLIfjZY3yawMdaI1DyZL2kB-ay3KDzKQyQNAOkHJ8a1-_Wq_EQ76XoNruSW3spJlaio99TVLuUiR4DaVWkXkJJfcCJsQvxidCslsu_zjooxkrGKmE0BeK0XusXFdoVNBTVCQ86Y9Fjig6YVyzr_qW5OJBsM6rbZVguniUmIP-KeYoOSTUlqElUC7TQq6RjdkDirc9QR_ipq2IkjYycrRBk0wtf4Cgw1i9CzuKH9HeMZVoSldyk9ExhaE4heuOX2Fn_-tU6i7LWa-nRbF8NThKQcLwkC1c9xTboZy2LmVyMCQ3fs-UMpUBJgaiMSyrH0nCOgupXxrhTo8g7ghFV_ZTqBZWuVuMyyeW4ho43FE4e0M-2YiSj-2VIhHxLz9WSr2LTFx3SQw8JEW0OHNR7OBDC6KotFK5GX72Xk-utE6MeUrkWa-IMvgNm_bEfn5-L9KcBNRmYLru77WC7vrKTZg2z8NCQsWZBxNQmGg_bd4k3rZqZT2jiF38VdavbDcekJ26agcYT6F6pX&pr=8%3A1192B2C83A8D3567&cid=CAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ds=l&xdt=0&iif=1&cor=17194141723031650000&adk=1830721898&idt=78&cac=0&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
381617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 02:22:26 GMT
usync.html
eus.rubiconproject.com/ Frame E696 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:43 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 1AB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWixt6EMmqMD-IWX7uaTfFcV64cQaO_RGes_J2OnUj8j3MlIZrbcjdZkQHNJpDcevZOhJ7K4qx612l6ZEt__RH1ykmOkgLruoehUgvvGw3qpSAmOMwS8ELH5gydnEfXa-GNlfnhZG-Rrhw9cumlQkzO2qzdIkGentVjJHDtCxqJ4JWqu5zcc0_laPwKll-ooJebNInjn9aVVSzKiagG7Ei4UvJ0lxdb_JZXhqjpL6sQCubBg5d-F_P_ohc2_Oj_1MFGOOixJZsDmkQi8Zub_ZDH1BNsXX_3-vhhJl799v-RCU_Ekcgir91LYVmhIvsQRJ2Wo6bmez9mspBpi9JHs7DDv3pNRfbmyk&sai=AMfl-YS9GT1OuanCoRj1tW3xWPKu7YuYxYU2xmjLfNfjGmAON3HDb_oRIh0qA3Fh12DrQ3PdS833PPXASymV7Ulg8ocD30WUHQTCYPU4L7JbXJFcLaI0EhhSgXu6Z4LFhw&sig=Cg0ArKJSzKRzQExEjZupEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:43 GMT
truncated
/ Frame 1AB4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb4c0530ef507e3bb40b7c886b8d0ae8aae5fb122fd5e666ea8731e47547d7d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		270 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
921b92577a209f2ff48b88a6f3b16aa9d4b58f40a85ac6dd549d29a504678e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91376
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 12:22:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
r62eglto.js
ad4m.at/ Frame 1AB4 		25 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
280523
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrN9ka3R%2Fwi%2By62yvIRBhazmt%2BXaor6z3qqAabtTDEukEfZqqLwQHTuYq4n5hpPrmnNFby6FAb9xA%2BsIzg21S%2F9BTqhnob%2BdWqaptpE3Skwkajf8IMSE3cb5UJRSG4vJtGjBlP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
81e3a01bbeaf9be0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 27 Oct 2023 06:27:20 GMT
csi
csi.gstatic.com/ Frame 475D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~locvek81&c=6288048498641&slotId=3144024249320.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
frame.html
ad4m.at/ Frame 2473 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
829502
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
81e3a01bcecb9be0-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:43 GMT
expires
Tue, 17 Oct 2023 13:36:06 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yy0aTTwiqydqdYpsaLGWDC1XjBGC%2FBTbj4rLcqy0nwtaJeOYB4sGbxDwJZgYCMILdTIJjd%2FAtP5DFlMiCyHCPma80QCPoW7JX3kv7bpNCstWBw2ANT0cLJjiem6WA2gBy793fA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame E696 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74433
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVw9Cuq_4sOHFb0aeMmwTcT7gjtRoKUcAsJSCfb94wEFQWoou0GfsW1ANO2CVpoodkxdxzo4a9PLrKy61rrI5vm2_PENwBwrjamx_cEp119yfyBEAYqI9ioCBeGOGGqOxmqcqBKx7XFucPI1B45Vu7qAFERbqlwTCAxDdcaqVuEfWpQPzXH9M6Z3is_istDyd84Dh72pOXqh5kgTm9rvVUvwMTMfireV-E48J_ZReO3cwJoB0jNa10cHW88CIiMtbhcKBNE_KY9CFGvYYJqjlws20c-IyV940m2Yz1eXxs1i2n7U08Xf-ytY8Vg0nZIVSZn9a9lg97sODwdUu4lU8MbW4GFlZQ&sai=AMfl-YR6jHE0IAdzpKUkxqtvR_QS26LFT6O7-x2gbIT6JwVhW1uuZnG50zHTKhG34tQCja0DGkEUekOgJTeC-ni47rJYUSwvvoBpzCEd8Ow56Z7d9Z4rkgxGqWlFeQGe8w&sig=Cg0ArKJSzDexl3QecHeuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41
a.teads.tv/hb/ad/ Frame D8B2 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
970b9b8166f81dcf28474bd444bf0626168005c347260efe8b46864d5b51b37d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2467
expires
Mon, 30 Oct 2023 12:22:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c
a.teads.tv/hb/ad/ Frame A5BB 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71017043ca2d89ccf1a8d025035a69285d85c1ff62d203f18f182434b436e2c7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2465
expires
Mon, 30 Oct 2023 12:22:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:9c09:4253:19bd:8f92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D8B2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:43 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS95dS1jZS1rZS13ZW4temhlLWd1by10YWktbWluZy1jYW4teHVhbi14aWEtY2hhbmctY2hlbi1zaHVpLWJpYW4tY2FpLXlpbmctd2VuLXlpbmctaGVuLXFpbmctY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00OTMzOWNkNy1iYWU3LTQzZDYtOTRlMy1hY2I0YzBiOTM5ZjAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwicmVzcG9uc2VUaW1lIjo4MDQsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxLCJ3aW5uZXJBZFVuaXRJZCI6Ijc3YzEwMmFlZjg4ZTFkZCIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmNmY3N2FhMy05MjdiLTRhMGEtYWY2Yy0zOTcwZGI1ZjdhZjIiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4900.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS95dS1jZS1rZS13ZW4temhlLWd1by10YWktbWluZy1jYW4teHVhbi14aWEtY2hhbmctY2hlbi1zaHVpLWJpYW4tY2FpLXlpbmctd2VuLXlpbmctaGVuLXFpbmctY2h1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00OTMzOWNkNy1iYWU3LTQzZDYtOTRlMy1hY2I0YzBiOTM5ZjAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwicmVzcG9uc2VUaW1lIjo4MDUsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxLCJ3aW5uZXJBZFVuaXRJZCI6Ijc4MjI3YjNmMWYyMWFiYiIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmNmY3N2FhMy05MjdiLTRhMGEtYWY2Yy0zOTcwZGI1ZjdhZjIiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4913.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 1FB7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=39319261690&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
1e7b97266aa978a1ae9f78f02410bb52903fdba12fc91747115a1431361236dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 1FB7 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6570 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=3600
content-length
445
expires
Mon, 30 Oct 2023 13:22:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 1B7F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:44:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 1B7F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 19:44:58 GMT
l
www.google.com/ads/measurement/ Frame 1B7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIuOpnSskBglJ-VRzQFR24kb40xI1Yudwyc8kKK-15nW0frh9X533QzvA3xj8JisaXGqoCZdxh4RG6rD9KpwaMw6St6w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B7F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 12:22:43 GMT
csi
csi.gstatic.com/ Frame 475D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~locvekb0&c=6288048498641&slotId=3144024249320.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 11F4 		53 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2cc05167b8f79fedda8d89d27c36d96d8813bebcffbb0daaac196ef5c6acef89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dyZaMX3DAo3hgswbTMZ2M8578F65GlC5Ydiw0PLYu7de-F_G4zmeQ1NxVWPOvv9l45i2jhR4_Lxqh40xoJsIy4Oko2CLGofqR8UD7iTp1jWAASS75e6Q5S__GX1_zh0NQnUVPNDfgtooceTQA1zFrjYh38nz9TQIvRpZxOVEOtgkqIyB6xElNDU_IyozSRJ9JFtGMe7vsXZ_kK0LkCsrrn7EPsU7f37hx8dhsGRh2bTu1NwG3-SWJPrus7SYverQDzaauw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3038136
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 49AF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 02:22:07 GMT
etag
48472445140208031
expires
Tue, 31 Oct 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A240 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
274137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:46 GMT
expires
Sat, 26 Oct 2024 08:13:46 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3ap0v886690812&_p=816515634&gcd=11l1l1l1l1&cid=736758696.1698668561&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698668563&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=%E9%A0%90%E6%B8%AC%E6%9F%AF%E6%96%87%E5%93%B2%E3%80%81%E9%83%AD%E8%87%BA%E9%8A%98%E5%8F%83%E9%81%B8%E4%B8%8B%E5%A0%B4%E3%80%80%E9%99%B3%E6%B0%B4%E6%89%81%EF%BC%9A%E8%94%A1%E8%8B%B1%E6%96%87%E6%87%89%E5%BE%88%E6%B8%85%E6%A5%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D8B2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b707c07fa66acb3d5f0ee7558d76f7073e546f9a993c5f307a4156527d69f5d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
carousel.js
a.teads.tv/media/flavors/ Frame D8B2 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/carousel.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d846da62c6cac3a0cb074cb52a597e1c1ac6faa4d3bbf8db0aa2159910e506c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 09:47:43 GMT
x-amz-request-id
JTD6JBRYBRCHWDQ5
etag
"75ec9560330d666d6dec91fd6ddc4a54"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
9
accept-ranges
bytes
content-length
24817
x-amz-id-2
VqOhBx5H6JegowzxxenIZ/eSQ968KLDDYz0NVTxsorUCsGA2DhXSoSYPMzJF9aaHF9C8q+hwGpI=
expires
Mon, 30 Oct 2023 12:52:44 GMT
truncated
/ Frame 1B7F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7e0b9bd9f2e063c4bb1e19a3c045dc75a55d6ddb2b3d7801fc00ec56976e5dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 49AF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMfGhV8RFRqOLcAINYynn28&google_cver=1&google_push=AXcoOmRpARVjAeVlH-9Zza-RuwZNGCV2TlIq5L-_bp0E-3Wdc43Hc1b-WxaBmvysPgaDxkQv0fM5b_oHzETSpb_7uE8MN89l2...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=846803918736&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=846803918736&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=846803918736&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 49AF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN5Z16MK-NFSP6aI69AN6kA&google_cver=1&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOL...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN5Z16MK-NFSP6aI69AN6kA&google_cver=1&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChl...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg0NDc2ODI5MTA1ODIzNDEwNQ&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZsk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg0NDc2ODI5MTA1ODIzNDEwNQ&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOLZarO_0YErsKQ7OhB_pw6VEcs3IKpjXJn7ON8SwmOQeohh3qT9GOUxNQZWko7mqg6sygqcNjDo6k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg0NDc2ODI5MTA1ODIzNDEwNQ&google_push=AXcoOmSMe03IOf-DOI8AzHUdg_9It-NVuqQrjdnWv6PSgMcbSzSjSo538WbqBspkGSL1W2cKChlZskOLZarO_0YErsKQ7OhB_pw6VEcs3IKpjXJn7ON8SwmOQeohh3qT9GOUxNQZWko7mqg6sygqcNjDo6k
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 49AF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELW2aDqazVIhCqwAKswoMH0&google_cver=1&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC5...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_nnShwtVAh8MbEa5ZaC-C0M3qw&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_nnShwtVAh8MbEa5ZaC-C0M3qw&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC563rqfms5kzbwzzs23nZpiPxL0hidjM3LDSglfs4DUiSNCDHlDK4jJ_wu-eBjK2ENo5NRE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_nnShwtVAh8MbEa5ZaC-C0M3qw&google_push=AXcoOmQ_ZaRbCJuEwyMWE-6Ocr4Y4eaYN01QL489Mt2ATfveNPXVlalvrOfo0_gEQ75ZMeiTputoIjXV_5kFjC563rqfms5kzbwzzs23nZpiPxL0hidjM3LDSglfs4DUiSNCDHlDK4jJ_wu-eBjK2ENo5NRE
Date
Mon, 30 Oct 2023 12:22:44 GMT
Connection
keep-alive
Content-Length
298
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 49AF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGtIcaO-OK6_FLcDzNr0l7U&google_cver=1&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXk...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXkE1TdzNDuIiamPveTi_1TaLKjWgmvYryfsdG87T_fiTq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXkE1TdzNDuIiamPveTi_1TaLKjWgmvYryfsdG87T_fiTqFFBt6-nUzfn3vThqMdWG_bXBlxCS2-_Yps&google_hm=MTgyMzYzMjI1Mjc2OTgzMDI2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ5jdh0qWfplketHXt4ISPex5wGZ0-UBpuDd3wSKiHunTgHy9RXev3xDuuhKV_NAv-BQtqHXkE1TdzNDuIiamPveTi_1TaLKjWgmvYryfsdG87T_fiTqFFBt6-nUzfn3vThqMdWG_bXBlxCS2-_Yps&google_hm=MTgyMzYzMjI1Mjc2OTgzMDI2
date
Mon, 30 Oct 2023 12:22:43 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 49AF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGv-yjpmoJQ6BA1wwVUu4OI8T52L6yA__0Lk33dmk1MIcwkVwN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 1B7F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1V1sE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTBAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu77M_4NaVSRbTOAaeulSl3I5weSiDybV6CbCjKBhyrJUirmhku4gz4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=rILEH028aDM&uach_m=[UACH]&cid=CAQSOwDICaaNv2vHFe3xBkmutVdi2cCY3qhpP4KsX_A7iPVEAz7cjH_jrCvqUSyqzkXpbAFgHD1Qy9cqQuEtGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1B7F 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6qtEYbWC9ACmAKdg2ICAgAAACE5AQwCW-6IJt54CSCbaOUQE6A_ZRpCTRwtRo9xAO4AABIAAAoKQVFVQkR3RUJEdw&wp=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148849
server
Kestrel
content-length
0
carousel.js
a.teads.tv/media/flavors/ Frame A5BB 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/carousel.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d846da62c6cac3a0cb074cb52a597e1c1ac6faa4d3bbf8db0aa2159910e506c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 09:47:43 GMT
x-amz-request-id
JTD6JBRYBRCHWDQ5
etag
"75ec9560330d666d6dec91fd6ddc4a54"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
9
accept-ranges
bytes
content-length
24817
x-amz-id-2
VqOhBx5H6JegowzxxenIZ/eSQ968KLDDYz0NVTxsorUCsGA2DhXSoSYPMzJF9aaHF9C8q+hwGpI=
expires
Mon, 30 Oct 2023 12:52:44 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 11F4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:22:44 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 11F4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:22:44 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 11F4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 24 Oct 2024 12:22:44 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 11F4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 24 Oct 2024 12:22:44 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 11F4 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AOnex9qtH6RbxVfjBbWi1Pmnj1aveZ8-cyUG7sFr0U3w0xKtm4__TI8xX4d2yPaGBTP-n9x3a8I4z8DIfEl0YRuhglTwd0D8mx8zZH2B1tRuJer40TmUSjfBUJsTEcoZndHHGbUJS5ZzMuc-2geTpqfz2dxxmjXtiQ22oAI1WAQy_t3hPtqsW93SHpDtA33k3Uk9vXftcfwT1xlSJfsJ1_7IwzjGLPVK3Wqquj3Y7xWe4EVYCjVvxyUMi2bXX5ijipPKPTquszvvVyn3dihDKjqDk5TQ8XKsWaq_aqhnjBk4g5WYSpzGfbL4JhhCyS7FGzXaCiE05RDEcDlXHk5C0QP6v1OlpkUocvqyxD_LUhG3VkremE0JjbsO1caQd7Fw56wzn1Tp1Awjfpv6iLUfnOd7PHK_RlYLE2DWRIFYnpnvEQbc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1696903
expires
Mon, 26 Jul 1997 05:00:00 GMT
8ee4ca343fb14f05af202b864c76d49f_image_ad_336x280.jpeg
static.criteo.net/design/dt/41417/5044100/ Frame 11F4 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/41417/5044100/8ee4ca343fb14f05af202b864c76d49f_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d058f0f30c5042da6579922a90cad83d4479337c1bb8755086b25cbf81a5ebce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 19 Oct 2023 13:24:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"65312df0-108a9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
67753
expires
Thu, 24 Oct 2024 12:22:44 GMT
im-uid.js
dmp.im-apps.net/sdk/ Frame 1FB7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6570 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Mon, 30 Oct 2023 12:22:44 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame A240 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 08:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
13205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 08:42:39 GMT
all
csm.eu.criteo.net/ Frame 11F4 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dyZaMX3DAo3hgswbTMZ2M8578F65GlC5Ydiw0PLYu7de-F_G4zmeQ1NxVWPOvv9l45i2jhR4_Lxqh40xoJsIy4Oko2CLGofqR8UD7iTp1jWAASS75e6Q5S__GX1_zh0NQnUVPNDfgtooceTQA1zFrjYh38nz9TQIvRpZxOVEOtgkqIyB6xElNDU_IyozSRJ9JFtGMe7vsXZ_kK0LkCsrrn7EPsU7f37hx8dhsGRh2bTu1NwG3-SWJPrus7SYverQDzaauw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 12:22:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 11F4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:22:44 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 11F4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:22:44 GMT
http-source
s8t.teads.tv/logs/format/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 12:22:44 GMT
http-source
s8t.teads.tv/logs/format/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 12:22:44 GMT
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&env=js-web&ut=1&cid=1151813&gid=1088632&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=oPalfuZytHUKy_VE_FDqe4SN&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1088632&dsp_creative_id=1151813&fms=9&p=72NBa6LF6A2uFJDYA_qMgs51vvOdESIV4y4uIpSLVwVpmg&cts=1698668562532&cs=-833854820249041923505&1698668562532=&slot=native&fv=1281-psm-105&ts=1698668564091&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pageId=154680&pid=169092&hb_provider=prebid&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&f=1&slot=native&fv=1281-psm-105&ts=1698668564091&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame D8B2 		10 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDFpkYo-LhCMk0Jv76ykfT_7z8hmpmZmZmZ6T8ovqO9DDIbKhkKFQjD4C0SA1VTRBoKaW1wcmVzc2lvbhgBOMqMkAFYBWDKjJABcLjv9Qt4r6K9DJgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFHkgFWCAUQ9AUYwU8gn48DKgQ0NjAwMP___________wE6BHdpZmlCD20yNDcgZXVyb3BlIHNybEoBP1INZXVyb3BlL3p1cmljaFoFb2x0ZW5iB3NjaHdlaXqaAQp3d3cuYmczLmNvoAECqAEDuAHPN8IBBnByZWJpZOABAfoBMxIvChUI3Ya1ntju5rR0EPXJzOCg-cjnpQESFgjxlNmXj-vZuqgBEMHa8uGTrb2GvAEYAIAC54-lhLgxigIHV2luZG93c5ICBDEwLjCYAgCqAjZBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWGyAhkKFQilgv2vvdHm5HkQ0crTrbiY0pOAASAA2AIA4AIA8QIAAAAAAADwP_gCAYADAKIDeGh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbKgDALIDAmNougMGQ2hyb21lwANZyAMA0AMA8gMNNDUuMTIuMjIyLjE3MvgDA4AEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=YyRm37YXcG8NTNj8PLBCyzAKKKv_dU79WPcz6V6gG7M8Ig&psid=415253&checksum=770307950
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aedef1363e975fd7358f402e437db12a4f973b089570431dba95577d622ec1ab

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
10432
expires
Mon, 30 Oct 2023 12:22:44 GMT
rs
ad4m.at/ Frame 1AB4 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06f3cc28777f42fbf7fb2a8dbaa18e857c10c484b70b1cd879daf54dc6fcde8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EiwbUu8A5tQ6T3kgpvvmdsjFY1xvXXJqY07kFp5%2BqHRPQb%2FJQYF4UOwW90z7YkhOeSwaSyprvesBw2N6%2Fp8wQe1Z6lJVF%2FLaCooB5lOurIzNsXEBRxaIpK7MnJqi421dDbxpmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
81e3a01e1d38361d-FRA
x-backend-server
aa-reachservice-group-europe-west1-fwqs
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81e3a01ddcf5361d-FRA
content-length
24
content-type
text/plain
date
Mon, 30 Oct 2023 12:22:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTDBVqCjCZcuRl1c8kB8zLG%2BnSg%2B8aS9yIyzba7ERfXt63QptiNLr2CvWmAkdBEyoOqlUsjiigPtSc1Om1aV%2FApkUVVBvwLLp4uEQ%2BsYIBWSv2hEk4Aomvm%2BUu5nmPg3jXS8ipU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-smjw
track
t.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=71&gid=1088632&sid=174681&brid=7119&cid=1151813&rpm_reason=3&ut=1&p=5gl7i--SiZgdMdNy-WQzV39EAHgHnQpRmC7LyW6jLYOUMrc1Dos2AYeIDMnyJ0tL_N8&cts=1698668562533&cs=767246356266854607505&slot=native&fv=1281-psm-105&ts=1698668564100&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 475D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
get
audiencedata.im-apps.net/imuid/ Frame 1FB7 		10 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HE08JKN3K6V4B9MZNHFVYB0P
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 30 Oct 2023 12:22:44 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 99D8 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
210845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 55D6 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 30 Oct 2023 12:58:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 30 Oct 2023 12:22:44 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&env=js-web&ut=1&cid=1151813&gid=1088632&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=juqypTnSTKcr8dVe5Fm8Ej-M&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1088632&dsp_creative_id=1151813&fms=9&p=B8SCEoBH0UNvbpci5npUgy5dNlQc6vx46zFeSzvraX6edQ&cts=1698668562541&cs=786455667691080512505&1698668562541=&slot=native&fv=1281-psm-105&ts=1698668564184&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pageId=154680&pid=169092&hb_provider=prebid&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&f=1&slot=native&fv=1281-psm-105&ts=1698668564184&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame A5BB 		10 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDFpkYo-LhCMk0Jv76ykfT_7z8hmpmZmZmZ6T8ovqO9DDIbKhkKFQjD4C0SA1VTRBoKaW1wcmVzc2lvbhgBOMqMkAFYBWDKjJABcLjv9Qt4r6K9DJgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFHkgFWCAUQ9AUYwU8gn48DKgQ0NjAwMP___________wE6BHdpZmlCD20yNDcgZXVyb3BlIHNybEoBP1INZXVyb3BlL3p1cmljaFoFb2x0ZW5iB3NjaHdlaXqaAQp3d3cuYmczLmNvoAECqAEDuAHPN8IBBnByZWJpZOABAfoBMxIvChUI3Ya1ntju5rR0EPXJzOCg-cjnpQESFgitlO37tu3i0ZABELyK5qiChpS7iQEYAIAC74-lhLgxigIHV2luZG93c5ICBDEwLjCYAgCqAjZBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWGyAhkKFQilgv2vvdHm5HkQ0crTrbiY0pOAASAA2AIA4AIA8QIAAAAAAADwP_gCAYADAKIDeGh0dHBzOi8vd3d3LmJnMy5jby9hL3l1LWNlLWtlLXdlbi16aGUtZ3VvLXRhaS1taW5nLWNhbi14dWFuLXhpYS1jaGFuZy1jaGVuLXNodWktYmlhbi1jYWkteWluZy13ZW4teWluZy1oZW4tcWluZy1jaHUuaHRtbKgDALIDAmNougMGQ2hyb21lwANZyAMA0AMA8gMNNDUuMTIuMjIyLjE3MvgDA4AEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=gv0ugDv_888GFFHGAIzSuwZnVqphnq9z6uODREysjvDAig&psid=415253&checksum=1770953346
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45ea34c82455cdc09b6167dd579ef1ea60d59c0f75db81327abf79fc705a3211

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
10428
expires
Mon, 30 Oct 2023 12:22:44 GMT
http-source
s8t.teads.tv/logs/format/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 12:22:44 GMT
iframe
sync.teads.tv/ Frame C9FE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
d5cbb1c8ca5591a91263dac165cc506946b3236c33c2731c035edd1a7a7ddf59

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
723
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:44 GMT
expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
http-source
s8t.teads.tv/logs/format/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 12:22:44 GMT
track
t.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1088632&sid=174681&env=js-web&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pageId=154680&pid=169092&hb_provider=prebid&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&f=1&slot=native&fv=1281-psm-105&ts=1698668564215&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame FD33 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FD33 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb612950bab80da54815a11e889308e8df01811bb17950058ff09e3a77047ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame FD33 		235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae805895fd1ebcae605d909af1e1a67dda13d975bf7578ed907a642e22bdbd0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M8MFTJ4YS2FVZQ
x-amz-server-side-encryption
AES256
content-length
240191
x-amz-id-2
xYc8xEf1NahoynWWB63Je98hPXrNo2xfTsepk5WGWFkZdxiKgzRV7BiJ0L2oxUZ8KCdrfc2PIno=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"026302d765dc9d98998ebcfcae2a78d1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame FD33 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c601a9d2d6a1fcc024929ac37837666cdfee53a3c5a56c6f9582f406279441

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M0E8R7BNMM94BT
x-amz-server-side-encryption
AES256
content-length
143026
x-amz-id-2
sYN40xDuPyiZOw3j6su9ZYgyA41YDd1p4IZOFB7BtnGdBtT0vTTBjtU7cMVYSYla4CIHAlkD2Zc=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"b6da1c58506df8e3a531d79812d2efab"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame FD33 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41043e1061ac7c268c287057b8684292a5fbbb6aefe012ba10d80e80a53498aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13MC3AEJ84J9VMAZ
x-amz-server-side-encryption
AES256
content-length
238833
x-amz-id-2
fgifkAVoT5ySTXdiJXBTApxClyyZcC7KfTl+tdLnCuCtQcN/jcj34eyXLG2vwzV5heB5UG7CoDY=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"e4fb599f3baa275e74461c3abf7f9e1c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame FD33 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1992f05f9be62fc4e9b7f4077eb23afafa4217740f158b3f0a668da89a724bd1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M25K7N6P5DW2BB
x-amz-server-side-encryption
AES256
content-length
256138
x-amz-id-2
ktHZkxTm4DQlV/R/8RSKmz+OOFDHZp3hZeq6nQlkf2E26Dq5wBZDLr9yokVyNTITD974AoVsbhE=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"a73983d17a75eaec02e2be7e45b70168"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame FD33 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd36b72b03f5033f5aa6dc07d25b69cf8b57c64a1050fca404cba1c573d96b2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13MBMP1GAGG9S59X
x-amz-server-side-encryption
AES256
content-length
39128
x-amz-id-2
/PPmHc/iQh5C+v1+zTSFlYX+2O9GoO4Nxm6jnQUbfXhSNzhMZo9zCsPGxsV1v0KEB25t5VMR3oI=
last-modified
Wed, 18 Oct 2023 13:13:58 GMT
server
AmazonS3
etag
"5ec008fbf0c99f9fc8533d416e200366"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
http-source
s8t.teads.tv/logs/format/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/format/http-source
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 12:22:44 GMT
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564122&cid=1151813&pid=169092&revenue_platform_fee=d4BrDF9PUmz7sMSCLDhO1j9o&srevenue_fp=_PF1Biao6lFSQqe6TjYk69F8&srevenue_curr=CHF&erevenue_curr=CHF&crevenue_advertising=ldyh4dsyNRvS3eFrkWA5Vli5&crevenue_curr=CHF&crevenue_platform_fee=LgpSm4Pv2RmKVKQQptcvSj5m&revenue_curr=CHF&revenue_advertising=wu1WpS_YpyXbGc2IlgPNZk3h&srevenue=4qjDvWfNywMdIfotTJrLHoOK&fms=9&erevenue=W5LGIkKewQW-7bK2uvLSCBe9&crevenue=g97lBifl9dC8Ylb7R9kwieeN&revenue=1JQAPsxmelOydjhM_BOuew8u&p=GVwipcxilYlcPJCEd1ojAshRe7gBV67cgywK1q3FE9hzoiK-26hCCadKTY4ggToLs5hFaWCBuvmDcmqqRmXN85E4i3zfcB-cNE1WmolvHAcHe0c5WZhBLTnIzp-oabxsXWoZjVntjIx1H1ZpG3hLLVJ-Nr3l9W_g_-OcU7fVDAgr_N9_QkxNCDpAKdRskBeMvDFH5GAgBRwhllFq_hU16fR0dZtrM_ftPK7itVQGxWT-oui0YvqzPNklHfqB3WpCRtm5ScN5xpLu_6rKsNhEHIxSwvB26l-tnTC8svjiZ4omoSEwawFf-q0ovPVvN4gJcxp2d1JGXZadg0a8fEtFJ-A08jCC-7hHKquXj9ZgcTGRgg&cs=761157144484290301105&slot=native&fv=1281-psm-105&ts=1698668564253&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
rar
as.ad4m.at/ad/ Frame DC69 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3c99725365d56f6c80b87d3c8ff77952a57d4dfbf893a30c6f6e475f24e968
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
81e3a01f6ca49be0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:44 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
track
t.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=71&gid=1088632&sid=174681&brid=7119&cid=1151813&rpm_reason=3&ut=1&p=EJEyeUGR5steYpCWhAXb99MOo_Y4kjwp38f62OlJMHC4NF8OYRed-3nyngU-HosjiyQ&cts=1698668562542&cs=508975588297047556105&slot=native&fv=1281-psm-105&ts=1698668564345&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ Frame 883A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb72fa3c55b962b0e9197f74a14dce894e065911d8dd7d0ced5ce78dc7f26fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12249
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D8B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6ximXZAjVSO2HOP1kInT_z8oO3p_JRe-nqolzHQRBVLWxIirRh6dR-1TwzVPxZO_O7iP28bzSkPx75OXJKxd1ddP7tDdXzXvBDV4mJJmvpCPgtCldOkpDSQ8J1oiExU-J7RLIjGFsfVSXfPl03Ob42QHI8qhqiwUS2Nh0cbvvq59ZSxYsKJCZNJfkYYE-pijDIMLEC-synaghruJVxw16eJnwvwFMZTo6_B32S5Aic4B9Ypx6FgM91PvqPIhIlfda53aWP3OEHt6ObzELZrARk8eClDthax_PP73lHEBzcevdCCaTWIfAKO62QySWyYBab0l4Ra0Duj9Oyhvj7SIVWHA1VGcq9is&sai=AMfl-YSnguEX7T2myCcqv_xJlC6FvaXFVPwAcLcOPrv6IXO5yp1Be095O9ZLBwGMzOVpzBXphcMyAj6SF8DrxnLSmMyVXeTQ9JNv1xffzkyauR6vQkRHwCyb1sxIMg65Jw&sig=Cg0ArKJSzNIaSianaBXcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Oct 2023 12:22:44 GMT
pixel
cm.g.doubleclick.net/ Frame C9FE
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1698...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 30 Oct 2023 12:22:44 GMT
generic
match.adsrvr.org/track/cmf/ Frame C9FE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1698668564340
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame C9FE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1698668564340
  • https://sync.teads.tv/um?fp=1&eid=80&uid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1394079
content-length
0
expires
Mon, 30 Oct 2023 00:00:00 GMT
um
sync.teads.tv/ Frame C9FE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/79c99a8b-d5ff-4125-8027-48c385b4e551?gdpr=0&_t=1698668564340
  • https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
content-length
0
/
loadm.exelator.com/load/ Frame C9FE 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=79c99a8b-d5ff-4125-8027-48c385b4e551_eu_ch&_t=1698668564340
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame C9FE 		62 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=79c99a8b-d5ff-4125-8027-48c385b4e551_eu_ch&limit=1&_t=1698668564340
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 30 Oct 2023 12:22:44 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame C9FE
Redirect Chain
  • https://idsync.rlcdn.com/474599.gif?partner_uid=79c99a8b-d5ff-4125-8027-48c385b4e551_ch&_t=1698668564340
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzc5Yzk5YThiLWQ1ZmYtNDEyNS04MDI3LTQ4YzM4NWI0ZTU1MV9jaBAAGg0IlMD-qQYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHLRKyPxjNG3zmEeIposehQ&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHLRKyPxjNG3zmEeIposehQ&google_cver=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHLRKyPxjNG3zmEeIposehQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame C9FE 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=79c99a8b-d5ff-4125-8027-48c385b4e551_ch&_tid=79c99a8b-d5ff-4125-8027-48c385b4e551&_t=1698668564340
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.88.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-88-129.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame C9FE 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=79c99a8b-d5ff-4125-8027-48c385b4e551_ch&_t=1698668564340
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.252.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1698668564
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame C9FE
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=169866856...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
63.34.156.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-156-169.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 12:22:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 30 Oct 2023 12:22:44 GMT
report
sync.teads.tv/um/ Frame C9FE
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
sync.teads.tv/ Frame 9CD8 		1 KB
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
c4e9491930f625d6c74f95bd532398d03d74475df4e1d72cc879ca8d1422b6ff

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
566
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:44 GMT
expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1088632&sid=174681&env=js-web&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pageId=154680&pid=169092&hb_provider=prebid&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&pfid=71&f=1&slot=native&fv=1281-psm-105&ts=1698668564438&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame A5BB 		0
0
performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame A5BB 		0
0
performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame A5BB 		0
0
performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame A5BB 		0
0
performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame A5BB 		0
0
performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame 060C 		235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae805895fd1ebcae605d909af1e1a67dda13d975bf7578ed907a642e22bdbd0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M8MFTJ4YS2FVZQ
x-amz-server-side-encryption
AES256
content-length
240191
x-amz-id-2
xYc8xEf1NahoynWWB63Je98hPXrNo2xfTsepk5WGWFkZdxiKgzRV7BiJ0L2oxUZ8KCdrfc2PIno=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"026302d765dc9d98998ebcfcae2a78d1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame 060C 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c601a9d2d6a1fcc024929ac37837666cdfee53a3c5a56c6f9582f406279441

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M0E8R7BNMM94BT
x-amz-server-side-encryption
AES256
content-length
143026
x-amz-id-2
sYN40xDuPyiZOw3j6su9ZYgyA41YDd1p4IZOFB7BtnGdBtT0vTTBjtU7cMVYSYla4CIHAlkD2Zc=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"b6da1c58506df8e3a531d79812d2efab"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame 060C 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41043e1061ac7c268c287057b8684292a5fbbb6aefe012ba10d80e80a53498aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13MC3AEJ84J9VMAZ
x-amz-server-side-encryption
AES256
content-length
238833
x-amz-id-2
fgifkAVoT5ySTXdiJXBTApxClyyZcC7KfTl+tdLnCuCtQcN/jcj34eyXLG2vwzV5heB5UG7CoDY=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"e4fb599f3baa275e74461c3abf7f9e1c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame 060C 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1992f05f9be62fc4e9b7f4077eb23afafa4217740f158b3f0a668da89a724bd1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13M25K7N6P5DW2BB
x-amz-server-side-encryption
AES256
content-length
256138
x-amz-id-2
ktHZkxTm4DQlV/R/8RSKmz+OOFDHZp3hZeq6nQlkf2E26Dq5wBZDLr9yokVyNTITD974AoVsbhE=
last-modified
Wed, 18 Oct 2023 13:14:53 GMT
server
AmazonS3
etag
"a73983d17a75eaec02e2be7e45b70168"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/ Frame 060C 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/carousel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6:1b0::26e5 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd36b72b03f5033f5aa6dc07d25b69cf8b57c64a1050fca404cba1c573d96b2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
x-amz-request-id
13MBMP1GAGG9S59X
x-amz-server-side-encryption
AES256
content-length
39128
x-amz-id-2
/PPmHc/iQh5C+v1+zTSFlYX+2O9GoO4Nxm6jnQUbfXhSNzhMZo9zCsPGxsV1v0KEB25t5VMR3oI=
last-modified
Wed, 18 Oct 2023 13:13:58 GMT
server
AmazonS3
etag
"5ec008fbf0c99f9fc8533d416e200366"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 29 Oct 2024 13:29:24 GMT
truncated
/ Frame 060C 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 060C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb612950bab80da54815a11e889308e8df01811bb17950058ff09e3a77047ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564215&cid=1151813&pid=169092&revenue_platform_fee=Ln5a7_Ei1MyOF2mHJpk1wSea&srevenue_fp=goElLfew2VrDXnTPopWsQU3x&srevenue_curr=CHF&erevenue_curr=CHF&crevenue_advertising=bM5RTWl_A8aPIBQ7o7oFPG2_&crevenue_curr=CHF&crevenue_platform_fee=t_vQmn9pN9Gfl7ybL1bb87Sp&revenue_curr=CHF&revenue_advertising=_SSefLeYtRnM3XkaiHV44PFx&srevenue=ikal0GKEdeIQyzrOrwcCJtWW&fms=9&erevenue=Rwvj47kC7Sto3CnaYsZUGzja&crevenue=ob9HMmHdWw-siVU63C3uVhzU&revenue=N7UwjS1K1BJoX-Yh9wzQE_0z&p=jDINg416uGZH_pPz5c-P6Je6AuiVOBJywobmUSlcnTRSgS0QSJEr-tZAodkje_TuGfyxsdETZ3GfCHfgSVpcvVOtQ-kh6zII3-wEvnRGD2aG1Ub2nt8ZTRVYeLzq3TqXNQiQ0329zTdroH9JCPo-P9uTE9ZUix1EaadSq-7rR7J5qL3ZPFqcKld7eKBVR8DHri10cJaGisjlGHUriGbprg9818KUIEztdvYoKyZ72uCMqRLNLn1uUsUlo33Mg0YUVdaRfU31UKnbTWWOLvBvQo4Mpt59CZN_1bNE_NGrFNLkn7XcF6qeUJxdSs1EzcZ3drnkMQJ2UyDY-Uixv14etvWXzXmdHMzCpDuCYyjI970KyA&cs=299548409554111974005&slot=native&fv=1281-psm-105&ts=1698668564456&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 883A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Oct 2023 12:22:44 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame DC69 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
280525
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwVSlluo7Ii5qCaokz9W0CKfZggjm%2F2iIhBGLlvuo%2BtdQHfIKDS7dWl1ImR4jgFBx3wI97DpWa5QG1I6gcoh83EULSOLSp8NHAvOfXDsO6yVJaNd4s59rpekZuExy1SUliUie%2BijXJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
cf-ray
81e3a0201ca6996c-FRA
expires
Mon, 30 Oct 2023 13:22:44 GMT
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame DC69 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
592536
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:36:32 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVXBEc%2FhVtPZ1Nq5R%2BLgABwYEl5tCaezcsxfHspvu9x8LSKFly3iXGiNWvYlzrvELF4NZCfOgbYjiNRvsM0RlvOKr3Z8FeDGw1QRUFXqOSPdgdlwJGKgKIXGxEE78SK9Aa%2FRsxkHmangHXTw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204db39be0-FRA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame DC69 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495372
cf-polished
origFmt=png, origSize=17719
alt-svc
h3=":443"; ma=86400
content-length
14118
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:16:19 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lW32%2FUQ2PRSwqxKvYzoX7nDZKzuZ4gMvouJ3uETBOtf%2B9bGsCY0iCvqbrM3G1vxkqD8iDP7HsQqkNxvwy2TvWDcRxhoU%2BXswH2ACRESN5ZJiuCcuDFurGC6uWXlEB2jGCOSibD1jM6KUuxc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204db59be0-FRA
ztpv.php
www.conrad.ch/ Frame DC69
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
81e3a0225b3f1c17-FRA
content-length
0
expires
-1

Redirect headers

Date
Mon, 30 Oct 2023 12:22:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame DC69 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
496536
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:39:06 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZWhbp2WR%2BdHk3PZj3U%2FqJh1dSRB62f%2B5hkTlADxuj3hrBERRfO56xzJ58Uzglf6ihs9fwz4nZ%2Fvdb3d4MxG5K%2FvoZLdJPU9eXdt%2FHOR46YCllgvDnnIijzYBcoJ%2BZLxirCUOcEz6InbIrbE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204dbb9be0-FRA
C70C0BE9AB3EAAB1B924803E079DBEEC4895AF40B6439A4A896DA0A96F5C92A38EFDD839A06334DC627E0D94AE6BFF0D38C845994AFFD07D27956AB839FBD5A2
assets.ad4m.at/ Frame DC69 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C70C0BE9AB3EAAB1B924803E079DBEEC4895AF40B6439A4A896DA0A96F5C92A38EFDD839A06334DC627E0D94AE6BFF0D38C845994AFFD07D27956AB839FBD5A2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7fdc758cdbbd4501fea38e5d99a471340a6350295525ed5553177a77f90b4db

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489946
cf-polished
origSize=73798
alt-svc
h3=":443"; ma=86400
content-length
68040
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:53:19 GMT
server
cloudflare
etag
"b131929cc5d044438b740d47da6d4ce0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX3pQtD2f4ZLG4rd0nC5WvacBWpEiOiP04EPwVKXHj4wPG4bsUC9khed66doBp21zMIYBUiYqkRYJ91GqKsu3C7K4Upy2ZFrMnFC%2Bs6rDH1V8gZG1%2BiRtT4ROWmIQxpChVi5XJBOiZEw2L6O"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204dbd9be0-FRA
449f5b35d42da361ca5d18db91a014bd
min.tryiqos.ch/trck/epv/ Frame DC69 		43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://min.tryiqos.ch/trck/epv/449f5b35d42da361ca5d18db91a014bd?tp=onetag&t=img&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.143.112 Villeurbanne, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
attribution-reporting-register-source
{"source_event_id":"2500500030417712","destination":"https://mediaintelligence.de/","expiry":5184000,"filter_data":{}}
server
nginx
x-iplb-request-id
2D0CDEAC:C70E_93878F70:01BB_653FA014_1C4601:19A29
x-iplb-instance
46722
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
x-min-lb
n1, n2
keep-alive
timeout=20
content-length
43
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame DC69 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491638
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:47:11 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udsNIeo7ujYaF%2F%2BCReriRw1XaNLL0WTnHMuiWr%2B%2FepxloJZmCo58yKYAFDbcK853ih2ozpkyAE3iP8PVBLqWBahXiUb5P8GvO2uUYBTFLI63iYEypY2ik1vwJD4IS9%2FFoEzw4pjur%2F5FtwIR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204dbf9be0-FRA
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame DC69 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1014887
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:13:58 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Fo5eBSKsy1WoDDa6IAM5ldkZ88m5QFKiwbg3wvGKqdsdx4ebyyLArcTqJAjAgzGfOSy8A2SgYmtPmemVZA7IxAWUsNuVt3NyfXYPKMj2Nd8l7G0eVbFoi56G0vNfzteAyVYwxfoi59stl%2F1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
81e3a0204dc09be0-FRA
cshow.php
www.awin1.com/ Frame DC69 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=728&d=90&e=&g=c96b63a7b5aafaeb90dae22f2a5bed1f%2F17290985220989229474&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698668564169&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQoTcEqA_ZZ3qF9PD7gOC0bCICcT-wtJop4OKpNQL9i4QASC6vvAWYPWVzoHgBMgBCakCDGksNTe6sT6oAwHIA5sEqgT_AU_QgIOa8cCC1JIAuEUDZyc4QgEoz1hnI_7oQfCwC5aBX7VXx2v6X5H9Qr31KccgsU9kOILqvTj--sq0qxwmw6SwQ2oinnfUFASUGajJruWeQ1M_VawxMKgx7iAhYqjQ7g19iMWWNgPYOnMF445Q1abeBO03C6wFQxPUtjvo3eZr8v-r6D6d3jklj6HrmuwRrKSYOSKwgeqI4yswlpeCD1Yt9Gwprwxkh3GagnfyGLmPM9gg0MrNvld0GW6g2B2gKQlVhZA2yGLYKQdhgRazqStgBzQFH-aOa1kTMEExNkrSvirsF-9bosvWANeXOiifEq__lwcWXKYqkATJvWjhLsAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMzk1OTU4gAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CQ0iwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSMgDICaaNUyddQ2107zr1dzo_R2Hk4tWHqrVWnJWo0PFUIbknHBUujVfd7C7rpvCzFKPXGAE%2526sig%253DAOD64_2zd3MHtSKfB7mQOGeJCC6LgIXg9A%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-AQwl5TaojOM9JWjTl0SyvI2B1gBhB3Q9-GJBB0pVyKF7rdd-TBHPEUPGwgvGEzuw4Iqw6jAPyATqo0hJhKpB_34LjxR97pANgoi735OQlv7i63CNQqUKUN4l_TZelqEfKdp4rP5XZIThBb8BBJUvHIWNfCtSat00hY2oonTUAaxd29h8A%2526cry%253D1%2526dbm_d%253DAKAmf-BOosxLbKyisSgdyFDdL4eCFn-ZadbF-C4l2hHUi76dtXDsk3UP5MtQSuJytBsyzz4grBIBLXsgo6u7ZH9uleZATMpMMnSMHrm7FYqIDwxlWAhgpIOOtqAqLY2xLbaduV8IGYaNIarBOhKPf1AbAgA0BSAFsEDbFf-wWM2O4VV535t0LHb3VmJPKcgajqFyeA7rroWGSaDI_OXSQUjhqxK1Xeg56CcadiqnI9boDQt7kr5TXChFd44NbT-cK4nMNB11fGXlwFT0q286-1Ly_cxZGBsmRkn1etVZMInBjv1jHaDt7EHFB2xfHwzB95evJVUfEFENHwDNfvgeuHmBbiqI7iwSpbvJ5YU8XNsAogS1buA0gvRVnHnGt8fiE9e_NuvR_0kVoJb-OS01UDQCxVhwTlQDIWLbzwVYiTKAnM_F9btlI_d8bemh2JRFuj-Z6Q1U2LgMZ0IYJHVMaRh9eEth1xECBSAqXBTOGgfZNJu7GBTA-2DhbuQulCRwYGIDXPidwFPAHjHajX31JjHdUU4cz7vO1Yf3yroRIu2IIowA7AxF-iMamEB2fba8Fozms1Cu5NGU5g6ibWi1RpOq-Ww1k8Rh31v_0BASbQYYg1GGQc7Nx5y6_QkKHaVqJd22bfxkq9bUE-i0y2HThFgf56QvxEQ_sA%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 99D8 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1896653200401487&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYHTcNLAsQvgBPBKU1-kHTw%3A1698672161%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=8FCF3D33-478A-436B-8781-1FED9C2B070B&nel=0&eid=44740340%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=1698668564507&cookie=ID%3D5ff8dc6b5940bfe0-225785af1fe300b9%3AT%3D1698668561%3ART%3D1698668563%3AS%3DALNI_MaysiqzvMoGL8MkkHMz71Ia3K4lLQ&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&scor=524519860353708&ged=ve4_td3_tt1_pd3_la3000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B2F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=1140702754723076&bg=!JCelJ2jNAAbo5yKYyOc7ADQBe5WfOADjaLgQHpxukRrpJaPDFisPCjf7b6rqOiL6-DVbfpDePqo8LuPCm1V2zz2r7RkcAgAAARJSAAAABGgBB5kC2ST6nhBgeSSeqOSZxDyQGErbNmW54QHksc4Kdx69CNjzk5fY4JYytlHfxWG_mdEcnZmm70ITMOg_59MzF_jb-kD1j8WaX3TbJbNtXDNy1crl4pP0UlFT4ZJpjav-QstB1b7lSc1r5LdJPNiZOYS8QG8ZnP-2iqM7aGlT8PI7QOgFAUH0cY7sC5xhlLJlzOT7CDXdQVIGe3UcKO1gsV5P_Usc9aB_mL6S6-IZCJJWtnXDMQ9cfK_FbG-g8dBG4tXiObDcWKp365vraurclQQpugsUOuRrhgPwm5CO39Vs0rHO8TfDJtFEHJm0NgXqaX6bCeBYlon9A6NFrMLqsqLe4QmtB18K7aoqoYOXRr7RICXJH9NqQcAIhdCzgCkGj17TNjulsQoSVpk0UyIhbXfNrH3MvVtc60Op51CFjuY7arhuY9wYMBDLNw4U3FBOZTISna1Nf5_OXAjkKwnOlPhL4LYw8IRjjEA5VlLimbOtXjd6BNb2iP1K8hlPlvN29fYYmLOkbhtI7qxdJeQOFZgYGG4PrAu8Y-Yeh95d8fWn-REfIHFao6FOIESIo4XxzAOOwpm9MSu5DHWdlX65NiRvncs32m-UmwQcRS7EWd1QcJflA2znX8UEnwwxVyc_6RJ3IdT-EztHsrMLmZrV94jxJDlJTepW4JU0RoRxdA-iLQFMcsLt8AjBXvIzsDPSw2Bo-L52iY-lN7pTsiQ_ebQnTGp5Er9TjwUFSbT8SvPB7w9xBZybJRoLkLHczHxKK-qqk-a7xSrs47dfinauP_WMbbEjTjKOxkMkAZLKq1nEhuHmFtFJ7EbaAvQCq4-v56Aju-GbvM5r4ZHSBa9mUKbBVQg5rhDvzmtmn5tEhY7Npixt2Rc26HjMbDv2qgaZL7vDtFpK7DicVcfc5UCq1_hqrTa2sDRwKPDXKu-QMx_FY8TSzzIen-k_rk0fXD5xU_youfbhpfAl3scdGQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 9CD8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1698668564467
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame 9CD8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1698668564467
  • https://sync.teads.tv/um?fp=1&eid=80&uid=3e1187d0-25a7-4975-9280-a02e478c2cc4&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=3e1187d0-25a7-4975-9280-a02e478c2cc4&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=3e1187d0-25a7-4975-9280-a02e478c2cc4&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
882021
content-length
0
expires
Mon, 30 Oct 2023 00:00:00 GMT
um
sync.teads.tv/ Frame 9CD8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/79c99a8b-d5ff-4125-8027-48c385b4e551?gdpr=0&_t=1698668564467
  • https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 30 Oct 2023 12:22:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-ammcpCJE2oTXW7mTcC.e3wzl4ZvEYlFpg9I-~A
content-length
0
um
sync.teads.tv/ Frame 9CD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D19%26uid%3D%24UID&gdpr=0&_t=1698668564467
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.teads.tv%252Fum%253Ffp%253D1%2526eid%253D19%2526uid%253D%2524UID%26gdpr%3D0%26_t%3D1698668564467
  • https://sync.teads.tv/um?fp=1&eid=19&uid=6340396427739311858&gdpr=0&_t=1698668564467
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=19&uid=6340396427739311858&gdpr=0&_t=1698668564467
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:45 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
an-x-request-uuid
1a14cb6d-74c3-468e-9763-05f7b6ee69b6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.teads.tv/um?fp=1&eid=19&uid=6340396427739311858&gdpr=0&_t=1698668564467
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
sync.springserve.com/ Frame 9CD8
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=169866856...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
63.34.156.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-156-169.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 12:22:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=79c99a8b-d5ff-4125-8027-48c385b4e551
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 30 Oct 2023 12:22:44 GMT
report
sync.teads.tv/um/ Frame 9CD8
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzljOTlhOGItZDVmZi00MTI1LTgwMjctNDhjMzg1YjRlNTUx
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&viewerId=79c99a8b-d5ff-4125-8027-48c385b4e551
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Oct 2023 12:22:44 GMT
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD5D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
59865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 19:44:59 GMT
expires
Mon, 28 Oct 2024 19:44:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7FB2 		829 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4dbe733e7aa89253a7369ae976513e653c9e2a9ef9702271cac0b9bb36a3f511
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-edUOQ6PbTPnL9dDYfPl2Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-edUOQ6PbTPnL9dDYfPl2Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:44 GMT
expires
Mon, 30 Oct 2023 12:22:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame A240 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bt9EdE6A_ZcW2J7fD7_UPnoy4gAwAAAAAOAHgBAI&bg=!MzClMH_NAAbo5yKYyOc7ADQBe5WfOJJkymMgs5yyDD6UaJCSjthm4yrnQSbmjG4KuzAbH_8wRtI8aosB0vGvQjiZVnlZAgAAAgZSAAAABGgBB5kCyWdrvBI4QVjX45gRO63PLIy9ykvtWWFrGuaOTLNdePCaeb57nfiniZLZaLOm1gzyn_zjJyKceNp0dj767v21NRUsjiZjKkx6V35YZN-gyohsWsneOFX6TLa46UBMRaCUT0blIyJsjr3zgyjFaTkcbDx6N7_wwEZGR9yw5G-TaTZLSrGgANDJZAP0-tqV3kB4dALiCS3p2OvHvhPGKbpVMKDg5iE2nxMKuU1iC-orcN711_ynkk8GkX0FJUzBJ_MMR5MJwvSlXKMlsfl0zgtODpKPp6ZXG94TiOwrpFEVVzYgV03UmTBPG4UVHhnnKPD72CEdgq8NstNRt9lKOqxkasfKpWXTccJGhW9yiTVHjDnFYMxVmuWjZFDyDsjXs7UD47sCQ39-5MZWv3Dgum63kmgRtLsZafGaojVZQ2EuJ2gb93As0_Iy81JHR2l3SANkatIQwbYWX77KeY8naqgFRWqv0IEmyrzMoLqd6K0rPGzMCwQJBcWgqxgYoqsXGbwioHyreBfFROgQlBdNRUcWKP76QJYlbukI3lu6ITiX9zpZonJMCLPu68qA8mL8zWvjtj9wyyISzZ403MN0gaEX9njxnnSZtF5w_L5uZW3l0c0MDi4EKDI39HOX051nFhn43-PYnqja8ozIGDtFeJJJnTJ4WLBXK-9OSPFpPmhq7FsEdO9X720c4SoYI1zFYjbJQt7YB_2kpqms9r1CZnGkTQPa7jLllhP-yI4PUWlxY8tTKZAc3G5HyUUfkFzTuV5mZ7RTyCykCsyHslVr6ThTNDpHw00tapzeZL_VFpUe0T4xXj-vRvwJDWfug2dmScg7MJbIMJdxD8vPN9kJs4hnCia1X7tw42mGaZMESIyi4DkV8PwD0B8_QdirTXAz93VRC0sfb7mJd0wZBUbMyg3DTe0pCyQfCHfbgHaimarwHDb4orXOsz2Cjs06
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:22:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7FB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=227637249479363&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame AD5D 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 08:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
13205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 08:42:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1AB4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuunDDUb2-jqY42-t1iWUq6KenIFVQkwoj96MyR5e0D91IKCzovgdOHNCJH7IBhd1WjuMswNKLOTDapS3y-IPiqKInqmCNw_wxkL_8HiG2OBx0jOL_crTWLLKhr9gZG&sig=Cg0ArKJSzNeH7jNYwmT2EAE&id=lidar2&mcvt=1008&p=1110,436,1200,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698668563442&rpt=299&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:22:44 GMT
csi
csi.gstatic.com/ Frame 99D8 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~locvekpy&c=6288048498641&slotId=3144024249320.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
generate_204
tpc.googlesyndication.com/ Frame AD5D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7UfJXQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
inview.20190130.min.js
js.genieessp.com/j/ Frame 1FB7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:45 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 06:15:01 GMT
server
nginx
etag
W/"5c650765-13cd"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Tue, 29 Oct 2024 12:22:45 GMT
jstag
genieeintl-d.openx.net/w/1.0/ Frame 1FB7 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/jstag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e527ca7f0e4e5245b805dcd6e25cd6893d168bcb4dc0b91a7107aa5ea8ce5b95

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18066
expires
Mon, 30 Oct 2023 13:22:45 GMT
gl0
ialaddin.genieesspv.jp/yie/ld/ Frame 1FB7 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/gl0?zid=1551001&asid=11030163&idx=0&cb=1a04452011&l=P8qUyjp5NeOPOgE2RcMLpT9LW8K2frWxbWucg35muHLVSbHBAIWg9SLJi9ssfCi_xjebKawwfJjtnMlARDdYLRBQvdaVgC_geYxQEFS7viI1yukptt2tSOykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnKcmoXtezGZIAPQcn45nvDQ_FMmWBtWrhhW54vYEggHyrZ-v2w6tnudw8nNmWFnB5jpSDdAhD6E4BiP6vNdClzzVFd0FVsgOjf9H6EcBgW_E9eM5YMELw2clYwcHF1Sg4--IWO4u0Hvdug77yfLm1U4b05xBaBNP14PetmSO5uP7fR1u_omBhZRpaghD5MpF5wlVhJyY2px-fI7mRNSvk0aX3L4G1Zxf0Rzr1-nxWRl456XUArfxxVFPWi3fv18-LsoUWFlno_r4dW95otUUBlww9MavnUWtMYCNJzQ5ABLqwCF0Nfj15w19vYg51l6cmSqzCWszmALqCKBEP99KVEhNg24q6IdRp-pVR8PR7_pT0lgJ6y5XzfIadNjmcXLA4d7GUyJ7ock-4bxvWvZpDdkgpBdPlTA10Rn-Y4kDbdwd2Ut_GmA4HPh5qIRN413lPOA3VgeksaOF4Djumbpz-Ahc9MEimzD8YfHUJs_9hf0DBgQ3Daek1T80CiXUUQArE5bDRqbpFAM2RIaM0VSbmGVeFs-8Pne6TQK3l5kFdthQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame 1FB7
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=3a465b875db240fde634d60a981a3cb7
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=3a465b875db240fde634d60a981a3cb7
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=3a465b875db240fde634d60a981a3cb7
date
Mon, 30 Oct 2023 12:22:46 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 1FB7
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA2pzoBKO2b-VVZtDAbOqcxl_Mr88wC2VYdGCnjsis0KGrw2uTgZVEDwN2ELZXOJxlA&format=gif
43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA2pzoBKO2b-VVZtDAbOqcxl_Mr88wC2VYdGCnjsis0KGrw2uTgZVEDwN2ELZXOJxlA&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 30 Oct 2023 12:22:45 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA2pzoBKO2b-VVZtDAbOqcxl_Mr88wC2VYdGCnjsis0KGrw2uTgZVEDwN2ELZXOJxlA&format=gif
date
Mon, 30 Oct 2023 12:22:45 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 1FB7
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzhxkbxY2M7RB7RF0MaGzVMGP17_w0bXZjKRZ2_pA7utAY-8ngiwOj7PvxnPwI6wDg&format=gif
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzhxkbxY2M7RB7RF0MaGzVMGP17_w0bXZjKRZ2_pA7utAY-8ngiwOj7PvxnPwI6wDg&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 30 Oct 2023 12:22:45 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAzhxkbxY2M7RB7RF0MaGzVMGP17_w0bXZjKRZ2_pA7utAY-8ngiwOj7PvxnPwI6wDg&format=gif
date
Mon, 30 Oct 2023 12:22:45 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame 1FB7
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=VRiS5qLTDW-vQv0WFqA_ZQ
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=VRiS5qLTDW-vQv0WFqA_ZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=VRiS5qLTDW-vQv0WFqA_ZQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
97
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3710212953190&version=m202309260101&ct=77&x=8&cor=17194141723031650000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
acj
genieeintl-d.openx.net/w/1.0/ Frame 1FB7
Redirect Chain
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-...
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-...
468 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ca816ccbefa27ca881631d3833cbef32c129aa54857458751ab7a950617f91e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=db00e7bc-09ec-4929-8686-dcf0e78370cb&o=9648140340&callback=OX_9648140340&ju=https%3A//www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
date
Mon, 30 Oct 2023 12:22:45 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564121&cid=1151813&pid=169092&p=zJmvvTi4MY9ynyZLUM8ILswsA93HK5MHG6sd--2JGhCrJ9da_u6Koo62itY2x37oiLOefNwIuKH5tOf9Sq-Ozw_KZQk87hUQNeiKpLx8x415HrTfW-ZbYENcsYkCeN5iPxjDZ_jsEosJtlesA85n5azQHbuhVjqpZEK9w-AXdqqcQ6PufH8uHXFl9jeL5gkMBXPXtLjmQtraemyIReRV6yLQ1MqwKPe53DEYJjRM1KiP-gnkqb8M3bi_fLSIvOQujqD6Y3eadj2jLUZhNsu-EWftTPl85KuqwMOzBT4zqGgOx2DfnNI-xf7cVJD8uBHZV_YbekFacikd6ttSTb2JA4Fuexf5eq2GNv7K2HferTPZXQ&cs=-218159433842166479105&slot=native&fv=1281-psm-105&ts=1698668565254&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
activeview
pagead2.googlesyndication.com/pcs/ Frame 1AB4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMe7PvACooXl2GU7NygujDnAYeM2rAsQM8w6HYW0mlsOgzXsmyRuqCytry7cnfSvLxvMRVR63SLgE6PrLM3JUBcBUmjDN5MRA90N5gTpHOi-I&sig=Cg0ArKJSzHYxbjcW6xfaEAE&id=lidar2&mcvt=1015&p=0,0,94,728&mtos=0,1015,1015,1015,1015&tos=0,1015,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=32&adk=1830721898&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698668563442&rpt=604&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D8B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbUEMXy0ob0vdzSadTZx9djuOwZLjBNI_doFFgbnlBKlQeogzaLVRNfCp5k1Z-JF-iWIhzZ6jeolr-GC5w5D7GPSDs6OdHXgJvOy60yDD9oZPjhoHWfWaJy9bAXNKZ&sig=Cg0ArKJSzJet2MSyuXVGEAE&id=lidar2&mcvt=1003&p=60,295,310,595&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698668563817&rpt=559&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/YHTcNLAsQvgBPBKU1-kHTw:1698672161/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=294912-

Response headers

Date
Mon, 30 Oct 2023 12:22:45 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 294912-16890123/16890124
Connection
keep-alive
Content-Length
16595212
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564214&cid=1151813&pid=169092&p=XWuGuyAExd-zNt6EpNhWs9ZyO1hHK1qe6WrMOLceDXd84-4BFg7sO9Igg0dSy8mCNe-Q9VvoabkVzmvZLLyN6B30F2tPlYvLlVduaG8suQHODaDLSMtAH0WKOl3ga-srYKdQO62Y_I3TkQNlWvyIBSmwZXGOTky6x_PZSbW_3-EOQt8v4ZTsCewBnXb5LmAqiCWAFgRw6Jfgrm6NX1lviuBm1zRD6mHdh695RsuJVE08tV7LywN1PW7D5EUiHHC1V7DAg2JBoX3hzfGz3OdM4O6stkbfG_tvaqgSbzaBw4dVp8ZWARU7GEspu4SjlMfDhQy6M8atIekHIioVSWYCB24nf0-LSvC9cutxMnDv220hKg&cs=-98864703395807584605&slot=native&fv=1281-psm-105&ts=1698668565457&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
csi
csi.gstatic.com/ Frame 99D8 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~locvel6j&c=6288048498641&slotId=3144024249320.5&ghmsh_eids=44740340%2C44772139%2C44777649%2C44781409%2C44802463
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 883A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=227637249479363&bg=!YGOlYyzNAAbo5yKYyOc7ADQBe5WfOOAkBV5FNQgLaxWWN5Oa_0Q51ZNTGD1Z5qlnMkxlZStVNMFTQE7oqhlOAeUZJBCKAgAAAMxSAAAABGgBB5kCz6SI1W-YmEDOPla_LtuBmE8KbvwihkDgNMi2fkN5tqLkQGdBagCKL8IlW9H_WEVWjo37_VKQwJJKH_F6JZNwcr0hz2_CuFFtCpdzte-ZWBeOzfKLwaSjW-t4GvYko0VvSYHEwf9x04JIs2DYGRZwCkiTPamfVrCOw8hhO4ikFg6e7WxM3c41dTryKP30-e03njpXNRjjnlk-8rHfLFIvhFactqNxq2gGBGo7OgAORb7sLhMipD1e9xfclCTy44_tvLQJE-ik7DMR_68qSHELPpnp2jcNuUQgGnZfBy_vXln_vYUMJHZBaxqYCjT_h4bQnNH6TVSNCjOGcKwCi-FBeYeAN6a2pHstogML7CX8yQEehXtzRef_ElXoLV98iaET-i-ORty_KzZpCzf5xqdNdWHhPHNfWaOKh7TLCfSW-qD5LYZ__iVMb5QvHVGC_feOOtn9o5CaSCdA9rTaNRRsPAPfJ91gzA3YSRTRzC6uNO57UQxDNEXCRN0PVvHnfnLJB4yQHRf507hXUWvzkwyxr-UxTEOuCo_7b1HQ86lWuOi-pUUkP40BwGnzP5GxpnjMHqWg7FTm_JMYIdovhAVP6jePib8pg5vwFuj2t-mCjh9XwAmG-9WMfRxu4dbf3au-GHVyNcyLoP0LMsPqlPdcD8_6wLtEYRXovu-CDMl7CLf1i0Ks9wOOqDg0qxUrMB_OeTwpiDqC1ZseqdQj9sbg9tEnTSrq5meSjCCpGMn35EIdVcbIfOfeWRJn3qLrHI2vdOEvkfX7HBowjv_e6qogIW9DYQ8iHxXg1ZEQf67MbKljHGUPnf1pCBgs5QxWhf664AXyZQtJ3Echgogdyf2jSeRRJ1KKczZhNotqTFz0Wgd9jrsGYR7J3U_sHmpRQ1x-36s6JLkXp6eKhklk2GdkOBz1HAhrsDDUmAIdEHGjkQPoHPvs8D14BIxLWFmp7naX
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698668565529&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1564&pt=-880460823&tz=60&viewable=true&ddast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 30 Oct 2023 12:22:45 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1421
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1698668566.541727,VS0,VE171
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
186500
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
205436
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
40e3639a663356aa4eecfec51a8e5f601e20b06be9c9fce96aced588e882eacd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 29 Nov 2023 12:22:46 GMT
sync.html
public.servenobid.com/ Frame EBFE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
18739
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 30 Oct 2023 07:10:27 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-id
U-hKPF6MZZFOTsT2B2ynnoHbkOpE6G3XuagbMzj1ACICOWzzzVZcxA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 0C67 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:46 GMT
checksync.php
contextual.media.net/ Frame 27C6 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
104fcc2fd6e3915827dd461fe6e067382a7603215b7dad6db6a7ad41028d76f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8514
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Wed, 01 Nov 2023 12:22:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame AB5B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
8792
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Oct 2023 12:22:46 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1928, 75474
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230116-FRA
X-Timer
S1698668566.127758,VS0,VE0
/
csync.smilewanted.com/ Frame 2863 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a029ea9692a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3020 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698668562364
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 3809 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:46 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame D492 		653 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
50e21ba80568830d1a9eb8ff72d7093f79e2e31360636b5f53023930d113af46

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
414
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 85B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Oct 2023 12:22:45 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
ixmatch.html
js-sec.indexww.com/um/ Frame E875 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1124
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81e3a02a4d0b3a8b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Mon, 30 Oct 2023 16:22:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 3809 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74430
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
all
csm.eu.criteo.net/ Frame 11F4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dyZaMX3DAo3hgswbTMZ2M8578F65GlC5Ydiw0PLYu7de-F_G4zmeQ1NxVWPOvv9l45i2jhR4_Lxqh40xoJsIy4Oko2CLGofqR8UD7iTp1jWAASS75e6Q5S__GX1_zh0NQnUVPNDfgtooceTQA1zFrjYh38nz9TQIvRpZxOVEOtgkqIyB6xElNDU_IyozSRJ9JFtGMe7vsXZ_kK0LkCsrrn7EPsU7f37hx8dhsGRh2bTu1NwG3-SWJPrus7SYverQDzaauw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT-gEwACoJAA-SeoAAcqTzSRajxuEc7xcp5BiQ&u=%7CvQdDRvEQdNX8VS8gILN8U8Uv6wJ6IPFFCgJm4GupnvY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYayWoPfEYiWHR04VXVQGElju-1J1HmKm91Xt42Gv_D4EP9dV_Z-1kqbc9HTuAAPv-ef_YlIuI9YZv1lhywZ1dd5Bo98qX6VzKsT2koEO2QilIXHpN1o7eL4_4Z_Mx1jKQbt7_JAKzwklJGUUbQdHPHlXqLF9UnP669jfXkBAiMLAzAtWB6_IC8nFT2cb_CEjC0REpT4G2r0GSvwfujwWwdAWLhYuN1fATB17Juk-JK76K-kW4W1X-xxwBwn2EdnM0wWsbyZSbGHemTHIGPP8N5gH4dCt4D_6cwGS7bul9gKylSxYzKLpQKbkChMiIE79jfjishggY7uBYhSGtY1NegtxcggdDojcmH1nYLgEy7prW07jO5olVIHlU3Dg8Fqv0ueePrSyCvawvrzIYqce6bYXanjanlYuTJ2aIK_ILUHa58jGbx5b2sSOLJIJIAUmy5s9tOe_o9tmufARCwxk7vACDNvLPTmirI0C2DVgFNHRIttuQp24zdUSzWHFgSijA8KcYugTTzqnG2Lano2usO70Ku-3YjrCkt&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBrmE6A_ZZDBCqjP5LcPz9Sc6A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAgxpLDU3urE-qAMByAMCqgTEAk_Q15XdWikHKuQZ3ws9iUUun0eh6j45qOjMaiukq1xjvTXo3ryLLycE9GXBzsQHD6LA3FyIRHCwryISPfiJFvtZijevoksY1_F9xsQrBsLqlegndeidtBkD3uaenIQXSs4xjPy-WvGBfDue6WGy8O2lkbb1q6_RFepBBS6oem7Y33gEyvvtBqJx6QVhNYW2kYgfkwkJ42-ypVCkbdl6ZVY1k-QbbJ6WhXhu9c4PBs17qZjkQ6taQjxKHqkF4IedtXw5eX_VhthER54aEyQNmmM9d6XsowMbhZ2M6GuJLoBATZapl33zcVXADZD7nTKshkvwAHvWed_n_PF4CzUqfzQYJJpJZaegwViIGrXQza8WwW7-YtRQnE9uu76O_aLI1beLcUbKXTPet5udz8OouSz78KR2RJ3HOA1KpqE5WHoAJqktS4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ucB0bXuESucffL9BvZ_OfuTPlrg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 12:22:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sd
us-u.openx.net/w/1.0/ Frame D492
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UdCaeQbVmC1KgZ59UNOEfALXnipK05l5Ate2G0oy
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UdCaeQbVmC1KgZ59UNOEfALXnipK05l5Ate2G0oy
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UdCaeQbVmC1KgZ59UNOEfALXnipK05l5Ate2G0oy
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D492
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8844768291058234105
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8844768291058234105
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8844768291058234105
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame D492 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6c39f33c-d03e-8112-8529-503e0fcdd7ba
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J6JDQZY2GXW73C6Y6C9N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame D492 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=34ef8f41-cc94-3ae8-4527-d2a967fe1c5a&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame D492 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg4MDVjOGItMDVlMy02NDRjLTUwYzctODgxMGFkMWNkMjNh
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D492
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDAAwO4WsRXoyB-cpdZV5XI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDAAwO4WsRXoyB-cpdZV5XI&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDAAwO4WsRXoyB-cpdZV5XI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 802E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.72.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-72-182.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b4be225f5915dc4cfdaec6943120d2ae1dd562244b4b640644bc5b13d038e30c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
etag
W/"03369a02c1b5c1f170e3f66a3344e83a2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame F400 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 492C 		948 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5bda8f1194eaae29380baa3d55b02190e32944bf92184d9d7f064c1888f03cfa

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
948
content-type
text/html
date
Mon, 30 Oct 2023 12:22:45 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E01E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3c99da66fdcf8c3c595004ee0210e63349d59409bf825d3a061d909d7b5102

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81e3a02aec2e18df-FRA
content-encoding
br
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3%2FOjNdSvcy9ZHFPBjMkotoX4ZWLxaPfcArid3UXqihJ4qTRe4CBNyBRsz6t7ujbHOoj1IrNXG5KZcqMxNYcFdz2MolI1Ff%2FA52v5AoYuskS8klkOm2MSe7Lc6RbDhsSR2K09NPGXKuBHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81e3a02aabca18df-FRA
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQO6ACnVcHELK8WECzrI8KfDVgmSW%2BdjSnwriKK9ZFcgJ3cp85U4myXiJ9CKxBH3yNrSdfJ0bcflL5k2%2F4%2FZPLPbLA%2B3STTAmBnn6Xg%2BfUYwEqkBgzspUPsggrz9KDi7hjvVuwqYGB01Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2954
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:46 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 301A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151549
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Wed, 01 Nov 2023 06:28:35 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 5C1B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
46863f4a8ffdb6cde878a62e9df1c9775e394c6f9cd4c50bbc7ea7dd38101a76

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
4NDcdvylj1EmG3nx3e84K7GRzd9y2fiSj4Rr23IUsTzEKguWbHBu6w==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 68E5 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 30 Oct 2023 12:22:46 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8B35 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.208.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-208-143.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6dbd0fd7490f451fe915f14966ee3cd287af6d0a2390da68902454e294fd2b69

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
server
istio-envoy
x-envoy-upstream-service-time
7
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6340396427739311858
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6340396427739311858
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
an-x-request-uuid
657d98f3-76f7-4df9-abab-1208c712bb54
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=6340396427739311858
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HkompRZHRwPaAVS6SuCSmYNt
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HkompRZHRwPaAVS6SuCSmYNt
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HkompRZHRwPaAVS6SuCSmYNt
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame EBFE 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 12:22:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame EBFE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698668566269
  • https://ad.turn.com/r/cs?pid=45&rndcb=2538796507
  • https://sync.1rx.io/usersync/turn/3206641468380062169?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-7950cb2a-8...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7950cb2a8ff64fabbb392d2fa962f349003
content-type
text/html
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927991940638
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084927991940638
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084927991940638
Date
Mon, 30 Oct 2023 12:22:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=9da0abaa-c749-4dd1-9974-bed4d8f4e335
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=9da0abaa-c749-4dd1-9974-bed4d8f4e335
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-224
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=9da0abaa-c749-4dd1-9974-bed4d8f4e335
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame EBFE
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgwOOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgwOOAE=
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame EBFE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.132.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-132-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
sync
ads.servenobid.com/ Frame EBFE
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 30 Oct 2023 12:22:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 30 Oct 2023 12:22:46 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2863 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1486882
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81e3a02abb6592a7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame AB5B 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
an-x-request-uuid
634b58df-e254-4dfa-9b71-c138f63c2e58
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4416febfa579f6c2aabb70af69c752b8fa95bb5fdb76b3e43fceec1afc970e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81e3a02b29ae30ea-FRA
content-encoding
br
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BcGG74XkBaogjK2jX2RIWMZJZfsQanamwzo2jbL25Ph%2Besamu46YTpT1zms0zUE5UCZFfxuIVZjZ7ON5VoiLk5tGpjfyaZ41DfnFaEPYUvCGib2L8xem95M1KEpsCHiJhRhTpGbFCkSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81e3a02adc1c18df-FRA
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ3MtYj8zZfbN1Wz7ONUbbyK0ecnEM23Ccc6Lr1BW3m%2BsEO%2ByDdYwI%2BxcWbfGmweB%2FAirCFNjYKaVlpJYcMn5gs8byR%2B%2FJLpcbRACQiYBUukGlDkSeVQEH9BXcaGTvO0TiMCOimOPmINXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame F037 		0
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a02b3bcf92a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
server
cloudflare
vary
Accept-Encoding
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564121&cid=1151813&pid=169092&p=7t0wsgX9r-pbJGJwRjLaALe_owOjUXue6mMnkXWTeU7cm3GF_oSxXeGKV4EFlE8Z9SXaK2_8-yhSy46ZsE8UAltCQU6HvA_87c7zbB5xtl6Owv-CXargVZgCXQSWGJjQhWS_d60ZLg2y9i551Ihk5CfemAlweiUe4GDNxKSEYkuPQjZaLOQaGNrPX8MKeoOtK5RSXQDII6LZLVWHiNAZwWHPZ2v7utEqi_6esRh1CPWmviKDDBqCKHzAVvAQyHC7hZ5ItTiatQTU0oCRdf28iI3PvTsl1YWIfwBwOoaYmwNzdbMKjk3Fsh4uel9v1xIz9ru4_E6NkGHxzaL0shZ8y1zI3XGtNUzj0LKySczfTYJrEA&cs=-321074024408215653005&slot=native&fv=1281-psm-105&ts=1698668566261&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sync
ads.servenobid.com/ Frame 492C 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=182363225276983026&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame 492C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=182363225276983026&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=182363225276983026&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YTC51HMCEJPTJ11K4GK0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=182363225276983026&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
wt.rqtrk.eu/ Frame 492C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=182363225276983026&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=182363225276983026&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.71 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-006.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
28
content-length
43
expires
Mon, 30 Oct 2023 12:22:45 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=182363225276983026&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 492C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e804ed7b-79f3-429f-84e0-199fb6f55d3c&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
913873
content-length
0
expires
Mon, 30 Oct 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 492C
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1698668566298
  • https://ad.turn.com/r/cs?pid=45&rndcb=6402038794
  • https://sync.1rx.io/usersync/turn/3278699062417990105?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-7950cb2a-8...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7950cb2a8ff64fabbb392d2fa962f349003
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 301A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92509667&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2e74ef9997572d823b9aeab01df1a53b824cc42846fd8b6beaa4e49dfa0c33ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/usync/ Frame AE95 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
crum
dsum-sec.casalemedia.com/ Frame E01E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZT.gFvAKAxf-Axit5l3mIwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ankqv9KifxPJmBU8KA%2FjxSe0%2FAcK6SgPsaHX5uv9O5an0HrEtxp%2FL33y8cMLrw29uEk1eaPiKD0NsRdDZaMNGWXIsR%2BuKqQW4kvffGcR38clIXg1XQzlYxF48fnAgbU3ACjH%2F95D7UQfAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c4aed30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E01E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZT-gFvAKAxf_Axit5l3mIwAABIgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DC1YDRH0JNHN7M7ABCGB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E01E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
52154.gif
idsync.rlcdn.com/ Frame E01E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZT.gFvAKAxf-Axit5l3mIwAA%261160&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZT.gFvAKAxf-Axit5l3mIwAA%261160&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0feb286f190a467f9546c26b11f63ec9
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0feb286f-190a-467f-9546-c26b11f63ec9
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%3A1698668567.2511024&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9d9a1d3c-4d97-4c0d-a12f-58d95f3...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927991940653&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9d9a1d3c-4d97-4c0d-a1...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9d9a1d3c-4d97-4c0d-a12f-58d95f3cfd26%3A1698668567.2511024&_=1698668567.2534742
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6340396427739311858
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6340396427739311858
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
an-x-request-uuid
fe838c24-19d9-44c1-add2-d4f3d9595766
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6340396427739311858
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E01E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LSHGDzFd1QXri65
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LSHGDzFd1QXri65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx57q4zdp%2Fcnjwkn%2BvWMQti1o0WwXXA%2FG%2BpB5TKrnk2Nc9oT6UcHDPZH39RPLV9hbZao1vtPAB3OSTdSObpzD0k6ACHx195qjQp7T9YJRJKW6NjVqh1INKDugFSEyBepcoCu%2BclwCYL17g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02ccb6930ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-066d8784b19149d32@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LSHGDzFd1QXri65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E01E
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433830696896512
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433830696896512
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BaHxMeZ5BmuaKTWGprn18hbyc1XeucRDs8zfjXElFR2ovqgiweeevMvJSeMTE9v5vVp%2FEC5ANayMPu%2BmRMlHuHcG6oUyHqPeHTWIh7wDbfg8%2FPI7%2Bkc3z7f0ypcX%2FxPFQYhtT1mZFS2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c4ae230ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433830696896512
Date
Mon, 30 Oct 2023 12:22:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ix
ad4m.at/ad/sim/ Frame E01E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
r.casalemedia.com/ Frame E01E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvykJnMTDkRcnD5ugI377Yruc4%2F6JudJ%2FypSx22gUrfvCGoOs5IuXQ6jtMHI7lEsvrP4e%2F404hUwQqt%2Fjq49k8aTze59D1tnFJJadfPvVyVHUWgWgEhLLWz0j5s1CKKa1LSY"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02ffa7c18df-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.servenobid.com/ Frame E01E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZT-gFvAKAxf_Axit5l3mIwAABIgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
480429.gif
idsync.rlcdn.com/ Frame 2113
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZT.gFjzELfTlDUYy4m3xAQAA%263353&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZT.gFjzELfTlDUYy4m3xAQAA%263353&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9bf7846088e64cdd824bc8f0a5a63d20
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9bf78460-88e6-4cdd-824b-c8f0a5a63d20
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fc193f67-8a66-43f5-adb5-e358cf0f6f35%3A1698668567.2522514&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfc193f67-8a66-43f5-adb5-e358cf0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927991940653&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfc193f67-8a66-43f5-ad...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fc193f67-8a66-43f5-adb5-e358cf0f6f35%3A1698668567.2522514&_=1698668567.2555249
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEN022bpsh7DaMagVocSx1R4&google_cver=1
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEN022bpsh7DaMagVocSx1R4&action=GET_ID&etid=&domid=1052
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6340396427739311858&opid=apx&ops=&utidl=tech:goo:CAESEN022bpsh7DaMagVocSx1R4&action=GET_ID&etid=&domid=1052
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52634385712
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52634385712
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A52634385712
date
Mon, 30 Oct 2023 12:22:48 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZT.gFjzELfTlDUYy4m3xAQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgEwICmF%2B%2FFXGPcOTlX88Ba%2FAX4OEiZd4HA0uK1aSwXhiomuJJ2UoITPAJczwNTIuOWX5aR8A3YBbt%2BCEaPZS7YGvwXOU2JwABSoR0yFrOfEUgYRPPfE5f1gQk0pKZJAbnUgejHl1gEWaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c4aee30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELSyQ_Yk4H2qScamTdpu-J0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2113 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZT-gFjzELfTlDUYy4m3xAQAADRkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJyCYCVTmFqh2k548eqR6d8&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJyCYCVTmFqh2k548eqR6d8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2ydYa9Mv%2Ftd%2F%2B5FglGIbH1vP%2BsfHj%2Fvdfof6DI37vbG795dm176l3Pe4ExxAb6zObQa1Hn1kdUdgA8v8EDINRi8%2FkPIrgveIK7jN3skIfvLL%2BNsqaeKxFgbRyKfFo75VGfOF%2Fkor6F%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02bba4d30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJyCYCVTmFqh2k548eqR6d8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714479766&external_user_id=293037fc-6a89-48ea-8740-95cb32aa18e1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714479766&external_user_id=293037fc-6a89-48ea-8740-95cb32aa18e1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj7koilJobs%2FfYAW52NCI%2B4%2BnmU9cbj10myZr5RTrVPOP7AiBFKKADULTxnYQ%2B4Z7%2BTQbJKbUVecAmx80zHktYCTVM%2BbOR6RlaUAEVEOGiCz%2Fzj6YNGKwlZp%2BXgVRSnXsizOYF1be90GEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c9b3c30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714479766&external_user_id=293037fc-6a89-48ea-8740-95cb32aa18e1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E76osZEzUWbXEWqD6ToLZS2KVCpS%2BQwUGhw8E268zmE3PaWYA62SG8ugCsdKPqXEgXK7N3ThF2IJTuDTelISyn8cTwD9G8qMx3YYeGfqu5mCPjYnCUsKv2IFKS9SkTDShRAoU0PHyGt2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c4ae330ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927991940653
43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927991940653
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8om%2Bp7sdEFwH9f0mnHlK%2BR%2B%2BjByL3ESOsZxo0Y%2BZjMs1mpPZ%2F5wvTbhVR%2BeQ%2BjUkGNPVYgKV57xv0Sv%2BrC%2B6D6G%2BUu3ZisuNRtQZQU5qr9iIpDe54TOlb3v1FjEgPGdV8aPURzSHNUpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02c4aeb30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927991940653
Date
Mon, 30 Oct 2023 12:22:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 2113
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZT_gFgAAAECjFgAm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZT_gFgAAAECjFgAm&_test=ZT_gFgAAAECjFgAm
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZT_gFgAAAECjFgAm&_test=ZT_gFgAAAECjFgAm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgQIw7qkc058aRkF9lTVVR9BGvfQzv9LhOb4uizdV%2BEabeyHPo%2F1TWtCjmXRSna6YElXBxuAvP%2BDow30Kg8LBreo21QIUCGEAbU%2FNeX61YZHMS0OVTbFGKezjMjx4kEU2%2BCt%2F0xCkxYpbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81e3a02d6c3430ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698668567.552519,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZT_gFgAAAECjFgAm&_test=ZT_gFgAAAECjFgAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2113 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZT.gFjzELfTlDUYy4m3xAQAA%263353
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63763
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81e3a02b8e453a8b-FRA
content-length
43
expires
Tue, 31 Oct 2023 12:22:46 GMT
pixel
ap.lijit.com/ Frame 46D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 12:22:46 GMT
X-Sovrn-Pod
ad_ap7ams1
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6340396427739311858
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6340396427739311858
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
an-x-request-uuid
5acd2f08-b1c9-482d-8fa7-a464aecc3507
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6340396427739311858
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1876b157-c785-4fb8-90ac-5cb0243b4174&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8844768291058234105&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c3d22b31-e481-02be-225c-c244afae1d1c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c3d22b31-e481-02be-225c-c244afae1d1c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=c3d22b31-e481-02be-225c-c244afae1d1c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Date
Mon, 30 Oct 2023 12:22:46 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7kuGwyNE2pc9lP6quv78mb7xh4sKOfDdkSNg~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-7kuGwyNE2pc9lP6quv78mb7xh4sKOfDdkSNg~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-7kuGwyNE2pc9lP6quv78mb7xh4sKOfDdkSNg~A
content-length
0
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f2bf897b-88a0-4ada-aea5-88c7203f3f13
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f2bf897b-88a0-4ada-aea5-88c7203f3f13
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f2bf897b-88a0-4ada-aea5-88c7203f3f13
Date
Mon, 30 Oct 2023 12:22:46 GMT
Connection
keep-alive
X-CI-RTID
ee3a129f-9018-4bc6-bf25-ca0b337c9fe8
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 802E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:45 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1876b157-c785-4fb8-90ac-5cb0243b4174&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_1876b157-c785-4fb8-90ac-5cb0243b4174&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=wX2uT1VheezguExWq1fo&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=wX2uT1VheezguExWq1fo&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=wX2uT1VheezguExWq1fo&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=BRFaRERwbXGE&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=BRFaRERwbXGE&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=BRFaRERwbXGE&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-ljnkj
expires
-1
usersync
usersync.gumgum.com/ Frame 802E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=182363225276983026
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=182363225276983026
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=182363225276983026
date
Mon, 30 Oct 2023 12:22:46 GMT
content-length
0
sync
ads.servenobid.com/ Frame 802E 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_1876b157-c785-4fb8-90ac-5cb0243b4174
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame FF76
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=8844768291058234105&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=8844768291058234105&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.72.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-72-182.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=8844768291058234105&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 3FE2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xODc2YjE1Ny1jNzg1LTRmYjgtOTBhYy01Y2IwMjQzYjQxNzQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD7F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151549
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Wed, 01 Nov 2023 06:28:35 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 23FB 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:46 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 70E1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZT.gF8Co8XoAAPB5d64AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZT.gF8Co8XoAAPB5d64AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 30 Oct 2023 12:22:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 12:22:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZT.gF8Co8XoAAPB5d64AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40319.dc2p.scaleout.jp
X-SO-IP
45.12.222.172
X-SO-Key
ZT.gF8Co8XoAAPB5d64AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.172","key":"ZT.gF8Co8XoAAPB5d64AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40319"}
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40319
usersync
usersync.gumgum.com/ Frame 5515
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=d5tyvEdt8IxQm2CcW9BK&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=d5tyvEdt8IxQm2CcW9BK&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 30 Oct 2023 12:22:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT Mon, 30 Oct 2023 12:22:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=d5tyvEdt8IxQm2CcW9BK&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 4838
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 12:22:46 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame F4E3 		0
0
usync.js
eus.rubiconproject.com/ Frame 2954 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74430
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
sync.targeting.unrulymedia.com/csync/ Frame 6517
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=2939835780
  • https://sync.1rx.io/usersync/turn/3278699062417990105?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
pragma
no-cache
cs
cs-rtb.minutemedia-prebid.com/ Frame 5C1B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZT.gFvAKAxf-Axit5l3mIwAA%261160
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZT.gFvAKAxf-Axit5l3mIwAA%261160
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
fCclZFN6_kVkvBD_0RWF7Ccyc6TXGqaqpH1aTSPQRYaWjB7LOhnLNg==

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lC1pRWFC6iJmpgM3%2BNKr2pJ8Zbhsaoww%2BqHbT%2B8ZjZLoUT7woZBgHc9%2BcagryBf72TZKX8GAdJRn%2F%2BjWRa1Sued1rDCAY19YV2SX00NXwZPY6Q613%2FHXGq2%2FN5i2x7bzkMkKFd3XE7xUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZT.gFvAKAxf-Axit5l3mIwAA%261160
cache-control
no-cache
cf-ray
81e3a02ccb6f30ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 5C1B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 12:22:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 5C1B
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=678a602a62da295f56ae23c30c2c17c7
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=678a602a62da295f56ae23c30c2c17c7
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
tR5c_ddAvCPqFdyM9IxRf7TuFnDgiMtQ1d1DGPPmyQ09vVr5RV319Q==

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=678a602a62da295f56ae23c30c2c17c7
x-kong-upstream-latency
3
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 5C1B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=adb66d45-b306-05bc-3dbf-cb5e27fd96bf
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=adb66d45-b306-05bc-3dbf-cb5e27fd96bf
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
4QovI5jql2tUnCI2IU_E87MgDFhH-0qMmN28Fh31UWdbn9_Io6_XYA==

Redirect headers

date
Mon, 30 Oct 2023 12:22:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=adb66d45-b306-05bc-3dbf-cb5e27fd96bf
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5C1B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
an-x-request-uuid
217c5ad0-7517-43a7-a9a7-e04b60f00d40
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 5C1B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
bOZcCmcp4wq3UsCRRm0bEjnfypVnXfslBoGigchlWTV33J9YvSy8CA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 5C1B
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=262362810947758941118
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=262362810947758941118
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
yqoC_0_yjZLBtm4slszA5hWu3XYq5s_O9vDi8FF5fFg7A9zCMpKhHQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=262362810947758941118
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame 5C1B 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=3VmVB0a-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4838 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 09:03:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74430
Connection
keep-alive
Content-Length
11053
Expires
Tue, 31 Oct 2023 09:03:16 GMT
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564214&cid=1151813&pid=169092&p=04VuWM9_mLnTcemmjZGYWkPxXUgMcTILMVSb0RrNQVrjIEuIL926zOiq-snzPRHzDm7GlWne3H5Yc1i-nTGgt4HN-c96SsE6jor8CIgKSrHWeMrZaczl8KaDqqdYv-xrOqaBlpmLbgre64C-1QcERbK0Tpz5VfDxHzHFxvtVOXsWzENG3qzHK1WnZoVk8JBIrL1PRmOuHjxOQwsfYTyo_eYyzvaKSlvt0My4BObFF_xG7nWDfpk3cbsZmYYJ4MTCtZyvZ4MNE8hqgrZFp1UNd2CYmfJD83Rs0DHec44jrJ517Di86-uSq6rpEYpKraEg9bRfEFfhdOkSExLHoEGqsHo_yqXA0ovlQx5ONwvu5xTxOw&cs=55871306664639438905&slot=native&fv=1281-psm-105&ts=1698668566521&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
0addc5d3-e6d0-532f-a76e-e98bc251499d
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9EB2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7492727175570006973
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/0addc5d3-e6d0-532f-a76e-e98bc251499d
0
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/0addc5d3-e6d0-532f-a76e-e98bc251499d
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a03189d792a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/0addc5d3-e6d0-532f-a76e-e98bc251499d
5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame FEE5
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
0
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a030c91b92a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 30 Oct 2023 12:22:46 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame BC2D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:45 GMT
expires
Mon, 30 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
832902
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8A67 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=881375C0-EB9F-4737-95AF-40E122751C01&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Oct 2023 12:22:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W3XAAJ0AJS0PYC0QTAP1
Pug
image2.pubmatic.com/AdServer/ Frame 9ACD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F1A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6340396427739311858&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6340396427739311858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4fe17d5d-5176-4520-b336-aa27141789ff
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6340396427739311858&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 29C6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295725937739167901&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295725937739167901&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 30 Oct 2023 12:22:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295725937739167901&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 7123
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 9FF1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Oct 2023 12:22:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5E9E 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1698668567.595159,VS0,VE95
Pug
simage2.pubmatic.com/AdServer/ Frame 6B48
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 30 Oct 2023 12:22:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 03E3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS2wwN0tmMEFBQUJsTk41RXpuZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABKl07Kf0AAABlNN5Ezng&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=182363225276983026&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABKl07Kf0AAABlNN5Ezng&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D182363225276983026%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=182363225276983026&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKl07K...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKl07Kf0AAABlNN5Ezng&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKl07Kf0AAABlNN5Ezng&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 12:22:47 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKl07Kf0AAABlNN5Ezng&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame BE7E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc673ae2883e34b00a7c7c9a7f7b17324
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc673ae2883e34b00a7c7c9a7f7b17324
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc673ae2883e34b00a7c7c9a7f7b17324
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 5D03
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Oct 2023 12:22:46 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame B3AD 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:46 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
cm
ipac.ctnsnet.com/int/ Frame F6D6 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 115F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=142608696338964148
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=142608696338964148
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=142608696338964148
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 1906
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927991940653
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927991940653
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 30 Oct 2023 12:22:46 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084927991940653
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 6A8B 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Oct 2023 12:22:46 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-47d6b9f173de@version_1.575
X-core-time
1ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame AC7E 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame E408
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=16d0d15f50ccc768/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=359812d250110711887f147b4c0bb324&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbUQaQbVMVajjjTUS&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbUQaQbVMVajjjTUS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbUQaQbVMVajjjTUS&gdpr=0&gdpr_consent=
sync
ads.servenobid.com/ Frame BB39 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 30 Oct 2023 12:22:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 301A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBN1wOufRzeVr0DhInUcAQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=151549
accept-ranges
bytes
content-length
5606
expires
Wed, 01 Nov 2023 06:28:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 301A
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.249.50.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-50-243.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.79
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.22.148
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 301A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1433622249
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1433622249
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
last-modified
Mon, 30 Oct 2023 12:22:46 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
via
1.1 google
last-modified
Mon, 30 Oct 2023 12:22:46 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1433622249
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 301A
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=881375C0-EB9F-4737-95AF-40E122751C01
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTI0akRabTdkcUFUZmlOSHE2ZUx5dGZBdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8844768291058234105&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 12:22:47 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 30 Oct 2023 12:22:47 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODgxMzc1QzAtRUI5Ri00NzM3LTk1QUYtNDBFMTIyNzUxQzAx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDPGC43YhzjU3Q6ZI1zZg90&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDPGC43YhzjU3Q6ZI1zZg90&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDPGC43YhzjU3Q6ZI1zZg90&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 301A 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 29 Oct 2023 12:22:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8844768291058234105
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8844768291058234105
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8844768291058234105
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 301A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
881375C0-EB9F-4737-95AF-40E122751C01
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 301A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/881375C0-EB9F-4737-95AF-40E122751C01?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=881375C0-EB9F-4737-95AF-40E122751C01&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-705oLxZE2uW5b1UjN81RYrxdJC.NP90-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-705oLxZE2uW5b1UjN81RYrxdJC.NP90-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-705oLxZE2uW5b1UjN81RYrxdJC.NP90-~A&gdpr=0
date
Mon, 30 Oct 2023 12:22:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 301A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278699062417990105&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278699062417990105&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278699062417990105&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs-rtb.minutemedia-prebid.com/ Frame 301A
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6993edcb133f1635&is_secure=true&networkId=17100&version=1&nuid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzm1ltWNSRANPHU9OAAAAAAA&expiration=1698754966&nuid=881375C0-EB9F-4737-95AF-40E122751C01&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
bFSnQcV4ttAm0RvSZIZ2k1piWwLPP0eT9NXduKlMZGbCSkFrB4Zuew==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 301A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6a3bc4a3-bf39-4f75-89ca-c3bf3e4d55d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:2057:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
uCHRIejvzE6pet4E6UCSp39VIsLFQmfZBKVZbXeUf9_bSONQS2v_iw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=881375C0-EB9F-4737-95AF-40E122751C01
date
Mon, 30 Oct 2023 12:22:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame 2954 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOCVEJ6V-13-BF9A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
v1
match.sharethrough.com/universal/ Frame 8B35 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.132.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-132-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
cs
cs.yellowblue.io/ Frame 8B35
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=2c922482e8db592fdaa3973f5a738b8&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=2c922482e8db592fdaa3973f5a738b8&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.254.46.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-46-142.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=2c922482e8db592fdaa3973f5a738b8&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698668566900031-564
Expires
Mon, 30 Oct 2023 12:22:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8B35
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 12:22:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
an-x-request-uuid
2de86413-bdff-47c6-9140-10414b689658
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6340396427739311858
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 8B35 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=Gyy_o0azkH_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
8844768291058234105
csync.smilewanted.com/set_partner_userid_get/adform/ Frame C885
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8844768291058234105
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/8844768291058234105
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a030c91e92a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 30 Oct 2023 12:22:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/8844768291058234105
server
nginx
k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame F432
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=yhBMd19DTXJ1SlZUb1VNbDV2bGVuQzB4a3k3diUyRkx6MUZyRG5lOVNpMUU0RVZIbTY2TUZLMmlZYlkwMXRrQzZENTZreE9YWndpSUxIdngxNzdLcGFRNXMxaGJxZGptWGxLV3g4WktPcjIlM...
  • https://ssp-sync.criteo.com/user-sync/match?p=yhBMd19DTXJ1SlZUb1VNbDV2bGVuQzB4a3k3diUyRkx6MUZyRG5lOVNpMUU0RVZIbTY2TUZLMmlZYlkwMXRrQzZENTZreE9YWndpSUxIdngxNzdLcGFRNXMxaGJxZGptWGxLV3g4WktPcjIlMkI5UG0...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
0
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a030f95f92a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 12:22:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-S2SjLqpvkCBh2FRHEQrjdPWFM864WrriMqk1GQ
server
Kestrel
strict-transport-security
max-age=31536000; preload;
khaos.json
token.rubiconproject.com/ Frame 4838 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOCVEJ6V-13-BF9A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
getuid
cookiesync.api.bliink.io/ Frame B58E 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Mon, 30 Oct 2023 12:22:47 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
4
b9c74158123d370e16c8b34244c2092
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 26F9
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b9c74158123d370e16c8b34244c2092?gdpr_consent=&gdpr=0
0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b9c74158123d370e16c8b34244c2092?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81e3a02f3f9992a7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 12:22:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 12:22:46 GMT
Expires
Mon, 30 Oct 2023 12:22:46 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b9c74158123d370e16c8b34244c2092?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698668566770094-578
sync
ads.servenobid.com/ Frame 2954
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOCVEJ6V-13-BF9A
  • https://ads.servenobid.com/sync?pid=323&uid=LOCVEJ6V-13-BF9A
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOCVEJ6V-13-BF9A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
usersync
usersync.gumgum.com/ Frame 4838
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOCVEJ6V-13-BF9A
  • https://usersync.gumgum.com/usersync?b=mag&i=LOCVEJ6V-13-BF9A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOCVEJ6V-13-BF9A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 30 Oct 2023 12:22:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOCVEJ6V-13-BF9A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
rtct_adp_lib.20200515.min.js
js.genieessp.com/j/ Frame 1FB7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1551001
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.129 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 03:22:42 GMT
server
nginx
etag
W/"652cac82-411a"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Tue, 29 Oct 2024 12:22:47 GMT
cic
ialaddin.genieesspv.jp/yie/ld/ Frame 1FB7 		43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/cic?cik=10SdBYF1rTUMF6bYmUaKEJVwzcgwOS1Ml9OWUNNIoGyObZp775lQb_SnpitQH8zq95R21FcNkwJ6LPnXxFzKunxWTpY&noas=11030163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AB5B 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
an-x-request-uuid
427a32a8-a03d-4d80-9ce9-99bb688ca7e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564121&cid=1151813&pid=169092&p=7f79ggdoNnwtTW2mz1V2RAFvSOLiayZHxoZpX3DVm18NsubrwE4tzRhDZsxvWPade2cYYhDPGBY5RVQBLd-GK-3qYVMk7MPC1bX2dk7TBbgJHZF6-9y2MCRTstdyZB_kPvSq2V6fc0adHg3MxANs5nQGedWd3x-UVrxoqCBijlC1nVkysLeBU7SoJuZ6wsGjQ8PVSuZo-E0b95xoXRy1pa2fces-AkWXPzQOf6WZ7ZuoL8JjMcpi9TL7bjxgKCrgVxj6PgENE228Sw9LsSiY8Yn2E2KZPQILz9Xr3IaU2Zes3LWaTtFCYhzRFY1m88Yq9hSHEWykG4GDd4OnAv-N0YTFEGgDExv9Ag8gskRIQYuQQw&cs=-760938397223226670205&slot=native&fv=1281-psm-105&ts=1698668567253&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pd
eu-u.openx.net/w/1.0/ Frame 1EA1 		795 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8ef61e0a14db8150cccd5c82d4adaeca68e12077ebf444757e06060c54234104

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Mon, 30 Oct 2023 12:22:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564214&cid=1151813&pid=169092&p=l0UWQdWVq_YYEt_ioC_Cufd8qYglrSAsx_-9rKphuDf_xo3JJ0Whb5yVjn3VmF6KeRrsIUBZnQdgc8s1Z3tnTrknwJdKlAuJgDYF5pIyvagJo6Ca824qVQZC9iNC5trSajvqnhvS7YO-HJcYDiarcGsZbdUIZZr9rHL5Evdvx1WZdS58j8fWwsfrCCiap8DOivnrC5uOyQlfjZ1C8l9yDviwovVLjjgW4x-kruApw4W-s2DdJYlWo6E96mPFMvqGipawr5GgxGvtD5UFLcwtvBeNqyBMFMOcX-vOfrJbvb40N9t24x4Ybas_Ui2ZeVborDROVaU4R4s-O8KOs1k34fEegYZXvUZnpJEOCUp1C7lGFA&cs=-842714354820208429805&slot=native&fv=1281-psm-105&ts=1698668567460&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927991940653
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927991940653
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927991940653
Date
Mon, 30 Oct 2023 12:22:47 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZT_gFgAAAECjFgAm
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZT_gFgAAAECjFgAm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698668567.491197,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZT_gFgAAAECjFgAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 1EA1 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AABKl07Kf0AAABlNN5Ezng&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AABKl07Kf0AAABlNN5Ezng&id=537125688
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AABKl07Kf0AAABlNN5Ezng&id=537125688
Date
Mon, 30 Oct 2023 12:22:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=cb2f88b24d91682&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIB6BDCfMYAwNi9gtfAAAAAAA&expiration=1698754967&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIB6BDCfMYAwNi9gtfAAAAAAA&expiration=1698754967&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIB6BDCfMYAwNi9gtfAAAAAAA&expiration=1698754967&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=c_nnShwtVAh8MbEa5ZaC-C0M3qw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=c_nnShwtVAh8MbEa5ZaC-C0M3qw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=c_nnShwtVAh8MbEa5ZaC-C0M3qw
Date
Mon, 30 Oct 2023 12:22:47 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame 1EA1
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=67kFfWUSg8ajU54etOcm4A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a028e905-5c38-a8a1-74f0-c45c98a9d113
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1EA1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a028e905-5c38-a8a1-74f0-c45c98a9d113?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a73b8582-338b-4d62-a442-5139364b70b9&expires=1&user_group=2&ssp=openx&bsw_param=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&gdpr_pd=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=64a68355-cbc8-40ac-9c73-8746110319b1&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 30 Oct 2023 12:22:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 1EA1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=d5tyvEdt8IxQm2CcW9BK&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=d5tyvEdt8IxQm2CcW9BK&pi=openx&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=d5tyvEdt8IxQm2CcW9BK&pi=openx&gdpr=0
pragma
no-cache
date
Mon, 30 Oct 2023 12:22:47 GMT, Mon, 30 Oct 2023 12:22:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
11ToZ%2FWlCbYNLApHcoBqSz6Aah93NWY941ODEeS1MbEOWoqxP%2Bo5NofKwsAnwuthXw6MEZUV0fU3qDe0ImSbwR%2FJ7xA63WWS9jEy2yFluhkQDu%2F9KGTpLeGahnyZ59%2B7Jg7GqLd7ezWkr2B1aQ1tejQgRwVsvpnuQFmqM%2B5ttcFzy%2FX6l9KMck2...
ad.vidverto.io/delivery/v2/content/tracking/progress/1812/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1812/11ToZ%2FWlCbYNLApHcoBqSz6Aah93NWY941ODEeS1MbEOWoqxP%2Bo5NofKwsAnwuthXw6MEZUV0fU3qDe0ImSbwR%2FJ7xA63WWS9jEy2yFluhkQDu%2F9KGTpLeGahnyZ59%2B7Jg7GqLd7ezWkr2B1aQ1tejQgRwVsvpnuQFmqM%2B5ttcFzy%2FX6l9KMck2NQOH%2FmeGkZgIBIyg5JJs5o1KSKcQWvw%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:48 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564121&cid=1151813&pid=169092&p=5dTWc6BTMeP1tdNVcujf8uuQgJgHFBMbG3Yha0zz2ulp8AQ7vQRb06Mpp2KWY6UOWBKS6eJbN3In-jpr8v-qsN0_7K08Lb_3QQ8OfvmcUGx89GwIbDIvRgUadL5Z9yHVaXb99WLJuC4-o87eJnJ23mpZxtq46lDHuTCEfDtmPDL0UOdo9DesVTFJEFfdGD-wWPNdUvgeqFC-7F0UZbg3sfed_UuDyQas2RBLnTVqog7rvBf4i7LycsX4asunfelmurCLX0vBSpXLdzy7FXbJc_uPL4pVCkvIDxKQyWAjQ62FaTGTueo0MB_Mi9A-ahfKbsJwJu4NQZvFlk414kT9KCASgGtn76fHgsrcJlG9m9AecQ&cs=86625009156438803205&slot=native&fv=1281-psm-105&ts=1698668568253&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564214&cid=1151813&pid=169092&p=V5m7o5kqr82_Uqibc1pLMvNti_vI_tQBTl91HE-5aArx8eIjoBH4bAsUyS1G5Eev6zDqZhSd7wQJBvgutkeBaHiZbpQWeTvG7Kwmzj1ksGHqxq6iXn6jXAt-eND_bWP6Tu0IB8_CFItRslv1IlgjPe7hJ0d7SiSxpfjzmrgYr1_dMuIMNNYEQqx37aRHAmGOw9WPc_JKoAk7K0e4umQJ_p585GVS3hE3Y5k-RuF-gdUKnGSYxI5UXDKvFMrVuhImnCNmU_YVA9J1KR8fvwmtXGtyXrLJCxTcQcgmClS4nndBOntV_1l_mLdla4RLg13B8F9RQHyspwJMMT_Q42qodLoVngHsU3Z91DGjCloZxz2aug&cs=373597474530215232605&slot=native&fv=1281-psm-105&ts=1698668568458&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698668568501&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1564&pt=-880460823&tz=60&viewable=true&ddast=V8WCcCLAYgTiYe56nzSRJAnEw8zlPnkywAAABgYID-AIlsTIbJxmFYi0wLi1s08s3Wws3MuFYsTK6Vx2QZ7EarISCRjckw2TgMa5FpYXGLRr7ZWriZGdeKhcm18pgsg91oNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ4aDodPte9Xvf73SU-z1zj9yv8ytdb43JrXW7dy-6WHl1unevvFj2cbrXT7nNrHHa38PWwu4VPh1tjdNh9bo3RZXdrjq6nW-J02N0ah9OtfNp9bt3L7lY-7T630GV3K552n1tjdN2FprfZDgAAAAAe_P___0MAAAAAiAAAAAAgAQAAAIBCQIV_CwIXAAAAADD8____awB45lDwZtPL7g8AAAAAIAAAAABIACCgH5YAiDHeO_H_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DLHyu-ApZbDxIVJAXIQRAAAAgBYGb9Yjk3SCikWV____fisAVwAAAhYBE4c8s-gOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqjHzCwNED9zs5pfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA1KD1Wg38kxWHtNqM5utLMvRcrAy2YaDlXM3mLm8p7YUeihxbnu7z4awzH7fQUE5PT1ml0HGcpkM4oOGYTkZBPMzYYvRajLZLIez5WIyGI6Go9H-COBygCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEQyOZr7ZZDNyK0y23Vq0nG3cyonH5JYsJ87ZzLPa7VYjt-j1MX08y8lqudgiwQC_vUieFulEZll5ZhOXaeYbLAa7mcnjslgmg9XKM5qZXMuVzSKWaE4W6UR22bcGq9Fu5JmsPKbVZjZbWZaj5WBlsg0HK-duMHP5i6OZbzbZjNwKk223Fi1nG7dy4jG5JcuJczbzrHa71cgten1MH89yslou9o3ZcjibDVezxb4xWw5ns-Fqtth36Azf1edsVJZVko_PthGendKa06BwGSzel_p0HhaMBfPJc3T6TJ9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNBkUsEVykE8HD7HaYXm6Jz7PxW8QSpekinegVfuXrrXG5tS637mV3S48ut871d4seTrfaafe5NQ67W_h62N3Cp8OtMTrsPrfG6LK7NUfX0y1xOuxujcPpVj7tPrfuZXcrn3afW-iyuxVPu8-tMbruQtPbbBFLBKeLdCJ6GU8X9R810GqumMwlk8lcsZusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTWD6FPf___8_DgAAgIwcegAAAPT7gLAkHrlQ6of5EeRgNdw_ABVirVar2421Wq2ABbVYDDYT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ll451_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
357e12799ac18722d14ade52e7d86a015aa893b47db3724c487ccbe45d150efc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:48 GMT
content-encoding
gzip
server
nginx
machineid
1435
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 301A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3ap0v886690812&_p=816515634&gcd=11l1l1l1l1&cid=736758696.1698668561&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698668563&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&dt=%E9%A0%90%E6%B8%AC%E6%9F%AF%E6%96%87%E5%93%B2%E3%80%81%E9%83%AD%E8%87%BA%E9%8A%98%E5%8F%83%E9%81%B8%E4%B8%8B%E5%A0%B4%E3%80%80%E9%99%B3%E6%B0%B4%E6%89%81%EF%BC%9A%E8%94%A1%E8%8B%B1%E6%96%87%E6%87%89%E5%BE%88%E6%B8%85%E6%A5%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 12:22:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10143&tvi50=9058&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231030-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
date
Mon, 30 Oct 2023 12:22:49 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59251
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1698668569.020419,VS0,VE62
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
track
t2.teads.tv/ Frame D8B2 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_a8756758-f2f6-4a71-bc0c-f5693c3cad41&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564121&cid=1151813&pid=169092&p=GCSzcfALJzZS8WJEsa3NvPVOkccQvQi59Ok42XE-DzVxu6R3t955HLGf9EG8Pv8dkOOUUhornqdvl5GjGI_NiTVX1H3RUlZvyowt6p0UzaKdzP5oBEOJhmDht26Qvn-b744EtVUDB9Mt2_VnZos0eVWQoNwORgj5eVqUSM9AtVw9Vi4FHgJmcq30QpXrRWYUqETt_4thEkJTdn8H0fOwDO5zF0-SPagkLjOJhZukS2Qer_x7Oq9lW4oWiVcu-K1jAhYgpU5gRPoIDNUw4IqGTsSDFfBvZfBI-QIjTR2UFVT6l7dkFV2eoHKzijLjRIjwCA5cDV-8-X4sUAu7Qz0bAJEWA8i9cEnhoMS0CBo8PY_7_A&cs=-63385154505567185605&slot=native&fv=1281-psm-105&ts=1698668569253&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame A5BB 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=79c99a8b-d5ff-4125-8027-48c385b4e551&gid=1088632&studio_cid=310b7ab0-6db8-11ee-a585-b76ba60705ff&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=74699b75-83cd-435d-a5cf-23ca0c1324f5_90a38b6b-6f7b-4a2d-8976-50302519853c&pscid=20204&scid=7024&pfid=71&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1698668564215&cid=1151813&pid=169092&p=Ekrh9GlPuYtXV9gEaFJB6hhv7EXNDj3UqHv9aEp8Gk1uwG8NawWHgY71lL-Lh5MrFN5fgmVx8OJYibqilNldBSogps5n0HZ2vcrw6peG8VhruM7sYAdwZurUbYoy39qJ3RPx1dUVMwuxK1M40--ocETVtnA_gsyjRUHLHaLyivJthFNtE73P3wbkLyeFKyWYNGBgzsHzvkFY0uM61rzxIpOXXRn6P_R9s1LWKCclZQnXQ-lgEF0U_1GguMnMqWs6MRxJh2OGmVgRHfndfXjT5krqRhoobbD7A3Iz8mQ2pwkQqpuuSohkUQ8bm0H07mZkUCS_4VFI-6Ev4IH9gHd5MsLUmaZgTCtp2EfD8HhqKxpiWQ&cs=913952752849870294105&slot=native&fv=1281-psm-105&ts=1698668569457&plft=flv&hb_w=300&hb_h=250&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 30 Oct 2023 12:22:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 301A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86997921&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
da4c471726aadbad0195d59ab38a006656294071b4ff81f98f923080b0036407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Oct 2023 12:22:48 GMT
content-length
1479
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame BD7F 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54643895&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
da4c471726aadbad0195d59ab38a006656294071b4ff81f98f923080b0036407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Oct 2023 12:22:47 GMT
content-length
1479
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 8F0A 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
a.tribalfusion.com/ Frame A67C 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame D998 		0
0
pub
matching.truffle.bid/sync/ Frame 1671 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 30 Oct 2023 12:22:49 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame A509
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 30 Oct 2023 12:22:49 GMT
expires
Sun, 29 Oct 2023 12:22:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 6478
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5040206501
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5040206501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:49 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Oct 2023 12:22:49 GMT
etag
RX7950cb2a8ff64fabbb392d2fa962f349003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5040206501
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 6B44 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 30 Oct 2023 12:22:49 GMT
mw
mwzeom.zeotap.com/ Frame 301A 		95 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81e3a0400e9c2c3f-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 301A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
0
0
generic
match.adsrvr.org/track/cmf/ Frame 301A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:49 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
mw
mwzeom.zeotap.com/ Frame BD7F 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:22:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81e3a0400e9f2c3f-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame BD7F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame BD7F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=16d0d15f50ccc768
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79e98d8e-03a5-4903-7706-2de81d9b7340&reqId=1f39a69e-090e-4334-7ab9-baa724b2504e&zclui...
0
0
match
c1.adform.net/serving/cookie/ Frame 1927 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=881375C0-EB9F-4737-95AF-40E122751C01&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 22A1 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame CC5E 		0
0
pub
matching.truffle.bid/sync/ Frame D58D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 30 Oct 2023 12:22:49 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 4995
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 12:22:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 30 Oct 2023 12:22:49 GMT
expires
Sun, 29 Oct 2023 12:22:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BE20870EE5004455BB2BCDBEDB1ECC7B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame A847
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2688155207
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2688155207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 30 Oct 2023 12:22:49 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Oct 2023 12:22:49 GMT
etag
RX7950cb2a8ff64fabbb392d2fa962f349003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2688155207
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame DAC4 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=881375C0-EB9F-4737-95AF-40E122751C01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 30 Oct 2023 12:22:49 GMT
Expires
0
Pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/59c5f2e7760fd96ebcf9f7303e6534f3.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/fe4d9139bee1fe35e91a0c453e58f669.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/86ae6db3e7e248517f7efb7f2ba062ea.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/bddcbead2f642177e1222dbf75dd143f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/55efd629e464616b26ba77bb199aec96.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a00fe52d5c038664dba2c6e8cf64d6be.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5b84400880c94f1059ecf8053ecde4cf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/796238c29aeaa8b7f27eb6820806f31e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e9d8fd0a5bf2ce6b5ea7828cf3150aaa.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7a36f6a4cfb913b88811d461010a38b3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d72d8124efa8645a65df859099f71f16.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/46a745b78c3bf15ee345d0e1bfca1b9e.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4cb09b0c98732b3b1b9df0f423afdc6e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d8e01b31b9f060b636cdba3c18759038.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/92f9a100f19a65277e02a50632a6b5cf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e89e1025430507aa33c6611ecc16cd7b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/59c5f2e7760fd96ebcf9f7303e6534f3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/69efb5046fc96d4c136c6178b3b4e781.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ea9eb89c0a40fc161d5ba35d17b579f4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f2b7dfe4155877ab0369cc0b6cbe7ca0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/c7c5a8663b60163f846e700ef797a5a0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ca14f90cb0b0673e41ab6ef0b8a8ada0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e399d608295bcaf2cbe9f6d8748b0e8d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1eff246c4c72d66180f82e42ce9e0e51.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/05d0229829262bd95da5938e13f56b72.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/2a76131986229d82dcd2b81fdf6dac75.jpg?w=150&h=100&q=100
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb0-6db7-11ee-8490-7bdc52557b04.jpg
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-b1605fb1-6db7-11ee-8490-7bdc52557b04.jpg
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-d45224e0-6db7-11ee-8490-7bdc52557b04.jpg
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-dbabdba0-6db7-11ee-8490-7bdc52557b04.jpg
Domain
s8t.teads.tv
URL
https://s8t.teads.tv/creative-310b7ab0-6db8-11ee-a585-b76ba60705ff/performance-slide-e0d285c0-6db7-11ee-8490-7bdc52557b04.jpg
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=881375C0-EB9F-4737-95AF-40E122751C01&sInitiator=external&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79e98d8e-03a5-4903-7706-2de81d9b7340&reqId=1f39a69e-090e-4334-7ab9-baa724b2504e&zcluid=16d0d15f50ccc768&zdid=1332
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| _typeof object| TRC object| _tblConsole undefined| msg object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id object| aries object| adRecover object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias number| vidverto object| regeneratorRuntime object| aries_registry function| setImmediate function| clearImmediate string| nam object| placementData string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| cmTag object| google_reactive_ads_global_state function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _aries object| inViewWindow object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _cm_wfCounters string| lastWfUrl object| vidvertoPromiseCache object| closure_lm_529335 function| quantserve function| __qc object| ezt object| _qoptions function| VidvertoPlayerVideoPlaylistUI object| closure_lm_753874 function| startCMTagMain string| category object| google_ad_modifications object| google_prev_clients object| closure_lm_486588 function| OvaMediaPlayer function| shuffle object| entertainment object| arrToUse object| playlist boolean| descriptionPage object| googDdmPs object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

215 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCwFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1698668561.7B9E060C6B154F835F593D2450E5A3C4.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1698668560.0
.statcounter.com/ Name: is_visitor_unique
Value: 1698668560101719137
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1698668561.1.0.1698668561.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.736758696.1698668561
.bg3.co/ Name: __gpi
Value: UID=00000cada0317083:T=1698668561:RT=1698668561:S=ALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A
.doubleclick.net/ Name: IDE
Value: AHWqTUn0oEFqsBQ88SON0S8CXz8rBeiR3VkjngPDYtfMYjjzMm2qafQkavyEHFpqqIg
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D84f7623d-ad67-496c-9bcd-29b96f35775d-tuctc392591
ad.vidverto.io/ Name: moxuuid
Value: eda524d3-db0f-4396-b0c0-e4ca193877f2
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1698754961
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1698754961
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1698754961
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1698754961
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1698754961
.bidswitch.net/ Name: tuuid
Value: 64a68355-cbc8-40ac-9c73-8746110319b1
.bidswitch.net/ Name: c
Value: 1698668561
.bidswitch.net/ Name: tuuid_lu
Value: 1698668561
www.bg3.co/ Name: __AP_SESSION__
Value: aa7cab0c-0f63-4c95-be47-f947d4d7db40
.aralego.com/ Name: sspid
Value: a8e44f0a-5198-33c7-8fd9-6f3707dae864
a4p.adpartner.pro/ Name: apuid
Value: 0d9be2e0-384f-4b31-983f-7e634fd2774b
ad.vidverto.io/ Name: adpartner
Value: 0d9be2e0-384f-4b31-983f-7e634fd2774b
ad.vidver.to/ Name: bidswitch_com
Value: 64a68355-cbc8-40ac-9c73-8746110319b1
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: d4c87485-905d-464d-88c3-54389fc9c280
.admixer.net/ Name: am-uid
Value: 03243cb247614ff1bf2b9c143f82852f
.aralego.com/ Name: euconsent-v2
Value:
.prebid.a-mo.net/ Name: __amc
Value: 1_1698668562_1698668562
.omnitagjs.com/ Name: ayl_visitor
Value: 678a602a62da295f56ae23c30c2c17c7
.rubiconproject.com/ Name: khaos
Value: LOCVEJ6V-13-BF9A
.teads.tv/ Name: tt_viewer
Value: 79c99a8b-d5ff-4125-8027-48c385b4e551
.yahoo.com/ Name: A3
Value: d=AQABBBKgP2UCEPV_8LFFIu7iFAw9YUje7T0FEgEBAQHxQGVJZQAAAAAA_eMAAA&S=AQAAAnA25RhyXQibXPBWna_f7ME
.quantserve.com/ Name: mc
Value: 653fa012-d7b76-ce275-60fe2
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2GUinY>B!!@wnf-Te9(S@mqC2lWGcn<f<Kp6CPsZNFpLqk?`F0syN7cUnYN%v4VB%nlwT(LHj5
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPQ1ZFSjZWLTEzLUJGOUEiLCJleHBpcmVzIjoiMjAyNC0wMS0yOFQxMjoyMjo0M1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMC0zMFQxMjoyMjo0M1oifQ==
.bidr.io/ Name: bito
Value: AABKl07Kf0AAABlNN5Ezng
.bidr.io/ Name: bitoIsSecure
Value: ok
.bg3.co/ Name: __qca
Value: P0-1799381941-1698668562382
.tapad.com/ Name: TapAd_TS
Value: 1698668563151
.tapad.com/ Name: TapAd_DID
Value: 1ed942d3-5ab8-46b6-936c-6bf3dc93edcf
.linkedin.com/ Name: bcookie
Value: "v=2&dab3eddd-8135-492f-8823-5c8486f4a233"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTg2Njg1NjM7MjswMjG4947rMrDpWSqCFsV5SNZO5ymPSYar3cYosDE2Z3j2cg==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3038:u=1:x=1:i=1698668563:t=1698754963:v=2:sig=AQE1Meb01Eu55E1UPk-btxQaE1Yk5OQA"
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bg3.co/ Name: __gads
Value: ID=5ff8dc6b5940bfe0-225785af1fe300b9:T=1698668561:RT=1698668563:S=ALNI_MaysiqzvMoGL8MkkHMz71Ia3K4lLQ
.primis.tech/ Name: csuuid
Value: 653fa01344119
.amazon-adsystem.com/ Name: ad-id
Value: A8ogbuL1BkvBibOlZMXsjzM
.ipredictive.com/ Name: cu
Value: f2bf897b-88a0-4ada-aea5-88c7203f3f13|1698668563475
ads.smartstream.tv/ Name: DID
Value: efffa26a7bed60e21a8b25cb7d735d95
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
cm.adsafety.net/ Name: UID
Value: CM12023103012f5290df9da12967bd56
.adsafety.net/ Name: cm_uid
Value: CM12023103012f5290df9da12967bd56
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvdVA3cGpLSUlqZHhybkhoQ0FHclhHYWdSMG5hM0Fzb3BmOXQvTTUvZ0tQUDF5UFRzdkRVR2VzRlBHdXZmRXJVR0hYcGJvS1hKTkhsbE5FejdjajRkK0hIVHdoaE9NcHNJVzZTNFJWYUVuYkZYVXp3OHVkOC9qa212Z0hPM25KSjlZV3k2SnV1NFpnc0x2NWJSV3I0QUxZamRIQU1WMWVvdHNySFpVTGVOak9mbmx2RXBzWmMvbzhhNC91MHNzVFNtaDFENDR0L003aThCOGFJNncvOXVPNWFDOVNpZlk2YWUvVElkL1hlY0dvZzRtY3k2MGNvb0lRV1IzTGJ3ZHdPZE5iVGkrSldxRHEyMkxkZmFlalp3Vmk1ZHJLL0VWMnFPYy9wckVTMGNVeGNxaGtobnR0NjZGeWNTbjRsUTJWWmdRPT0%3D
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1698668563.1.0.1698668563.0.0.0
.www.bg3.co/ Name: _im_vid
Value: 01HE08JKN3K6V4B9MZNHFVYB0P
.acuityplatform.com/ Name: auid
Value: 846803918736
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRWARFHWqmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVgERR1qo90aGlyZFBhcnR5VXNlcklkWkNBRVNFTWZHaFY4UkZScU9MY0FJTll5bm4yOPv7hnZlcnNpb27C+w=="
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8844768291058234105
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.smartadserver.com/ Name: pid
Value: 182363225276983026
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCCUwP6pBjABOgTwi70wQgQpn7u7.94EjFG18UPk2HEUJFRm%2F8ZldQWaAP%2Fm7wrj4PzZhav8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCCUwP6pBjABOgTwi70wQgQpn7u7.94EjFG18UPk2HEUJFRm%2F8ZldQWaAP%2Fm7wrj4PzZhav8
.criteo.com/ Name: uid
Value: e804ed7b-79f3-429f-84e0-199fb6f55d3c
.krxd.net/ Name: _kuid_
Value: P4slKTzB
.agkn.com/ Name: ab
Value: 0001%3AfHahT2GVYJpe6n1JNMFUn5qchS5%2BGWMq
.awin1.com/ Name: awpv11482
Value: 412871|1698668564|07649d71-771f-11ee-92fe-22394270969d
.tryiqos.ch/ Name: emid
Value: 653fa0149f124088292d8bd7
.tryiqos.ch/ Name: trs
Value: 653fa0149f124088292d8bd8
.bluekai.com/ Name: bku
Value: m3X99OuQwtUFe+zx
.bluekai.com/ Name: bkpa
Value: KJy9DQY+d02pSUHknpx6meDTwtkAwEz8RpA8RECinVxNjZR+BeW0Bu6T1e/lnExTRp1TBV/6jEDN1P2k5P2MSYjLSVNo5e6hJk26wEWtmEQtBMQNBMxpBe9e9n/VaZ1=
.adnxs.com/ Name: uuid2
Value: 6340396427739311858
.awin1.com/ Name: awpv18851
Value: 412871|1698668564|07736a81-771f-11ee-b3f6-2239b4908fbf
.awin1.com/ Name: AWSESS
Value: 382783:2578904
www.conrad.ch/ Name: HTLP_timestamp
Value: 1698668564868
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: g7pE2pxF_1L2qf0guAD2ZJXlQHUA9gXaMqmdwpVHt80-1698668564-0-ASrBp2aviZLnYNN54ESueT5hQO7yv/aaQfApQpaLoQTND+soHL1/68Dgt4g5yqU6IuizPeFXu5e+oJEn2Ora4ME=
www.bg3.co/ Name: OX_plg
Value: pm
.openx.net/ Name: i
Value: e743b018-6513-051f-1ff1-1a4103d92fa7|1698668565
.gssprt.jp/ Name: gid
Value: c69c57c86b3e7a51cab28b494180d281
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-30T12%3A22%3A46%22%7D
.genieesspv.jp/ Name: rtbhouse
Value: 0
.genieesspv.jp/ Name: yeahtargeter
Value: 0
.genieesspv.jp/ Name: gid
Value: c69c57c86b3e7a51cab28b494180d281
.casalemedia.com/ Name: CMPS
Value: 3353
.servenobid.com/ Name: pid_337
Value: y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
.servenobid.com/ Name: pid_339
Value: y-qtA1qVJE2uH7QjtGsSGqRk.a.t1Rp_M75BXr1pY-~A
.servenobid.com/ Name: pid_312
Value: 6340396427739311858
.servenobid.com/ Name: pid_317
Value: 182363225276983026
.gumgum.com/ Name: vst
Value: e_1876b157-c785-4fb8-90ac-5cb0243b4174
.servenobid.com/ Name: pid_333
Value: ZT-gFvAKAxf_Axit5l3mIwAABIgAAAAB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 881375C0-EB9F-4737-95AF-40E122751C01
.pubmatic.com/ Name: DPSync3
Value: 1699833600%3A201_245_241_235
.servenobid.com/ Name: pid_309
Value: e_1876b157-c785-4fb8-90ac-5cb0243b4174
.servenobid.com/ Name: pid_324
Value: 5140084927991940638
.servenobid.com/ Name: pid_353
Value: 0000EEA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mre0NLQ0MTAzNRbiM9Q1yy73dbEwK3dN8YwEAIAJ2NQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mre0NLQ0MTAzNRbiM9Q1yy73dbEwK3dN8YwEAIAJ2NQlAAAA
.casalemedia.com/ Name: CMID
Value: ZT.gFvAKAxf-Axit5l3mIwAA
.casalemedia.com/ Name: CMPRO
Value: 1160
.minutemedia-prebid.com/ Name: wrvUserID
Value: 3VmVB0a-kp_mm
.sitescout.com/ Name: ssi
Value: 141fd85d-b2b3-41e5-924b-dbf0d1b4e605#1698668566401
.w55c.net/ Name: wfivefivec
Value: LSHGDzFd1QXri65
.lijit.com/ Name: ljt_reader
Value: HkompRZHRwPaAVS6SuCSmYNt
.company-target.com/ Name: tuuid
Value: 293037fc-6a89-48ea-8740-95cb32aa18e1
.company-target.com/ Name: tuuid_lu
Value: 1698668566|ix:0
.contextweb.com/ Name: V
Value: BRFaRERwbXGE
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 824e88c76b6986eb
.turn.com/ Name: uid
Value: 3278699062417990105
.creativecdn.com/ Name: u
Value: d5tyvEdt8IxQm2CcW9BK
.creativecdn.com/ Name: ts
Value: 1698668566
.w55c.net/ Name: matchcasale
Value: 5
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.go.sonobi.com/ Name: __uis
Value: 9da0abaa-c749-4dd1-9974-bed4d8f4e335
.go.sonobi.com/ Name: HAPLB8G
Value: s86224|ZT+gG
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003%22%2C%22nxtrdr%22%3Afalse%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZT_gFgAAAECjFgAm
.yellowblue.io/ Name: wrvUserID
Value: Gyy_o0azkH_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-c669641f-8e08-31b6-ac60-f89a647c57ec
.servenobid.com/ Name: pid_332
Value: 9da0abaa-c749-4dd1-9974-bed4d8f4e335
.quantserve.com/ Name: d
Value: ENQBEQGnKvijCJiTAA
.3lift.com/ Name: tluid
Value: 262362810947758941118
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2ero:19e0~2ero:198o~2ero:18z8~2ero"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODY2ODU2NjYyNCwiMjQiOjE2OTg2Njg1NjY0ODMsIjM5IjoxNjk4NjY4NTY2NDgzLCI3IjoxNjk4NjY4NTY2NDgzfQ
.servenobid.com/ Name: pid_348
Value: 3VmVB0a-kp_mm
.servenobid.com/ Name: pid_316
Value: 881375C0-EB9F-4737-95AF-40E122751C01
.servenobid.com/ Name: pid_352
Value: Gyy_o0azkH_s
.gsspat.jp/ Name: gid
Value: 3a465b875db240fde634d60a981a3cb7
.adfarm1.adition.com/ Name: UserID1
Value: 7295725937739167901
.adx.opera.com/ Name: UID
Value: OPUc673ae2883e34b00a7c7c9a7f7b17324
.ctnsnet.com/ Name: cid_3990b38dd01d4e5fbfe95d411e5dce73
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: BUttv3THHqMF94
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23334-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23417-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23426-c_nnShwtVAh8MbEa5ZaC-C0M3qw
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6340396427739311858&KRTB&23339-6340396427739311858
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8844768291058234105&KRTB&23263-8844768291058234105&KRTB&23481-8844768291058234105
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3278699062417990105&KRTB&23150-3278699062417990105&KRTB&23527-3278699062417990105
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-64a68355-cbc8-40ac-9c73-8746110319b1
.simpli.fi/ Name: suid
Value: BE20870EE5004455BB2BCDBEDB1ECC7B
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003%22%7D
.de17a.com/ Name: guid
Value: 1.142608696338964148
.pubmatic.com/ Name: SyncRTB3
Value: 1699833600%3A234_88_264_196_21_22_220_238_8_13_251_165_254_161_233_204_81_166_214_55_71_3_56_54_46%7C1699228800%3A223_2_15%7C1701216000%3A203%7C1699920000%3A35%7C1699488000%3A63
.pubmatic.com/ Name: pi
Value: 161683:3
.csync.loopme.me/ Name: viewer_token
Value: 7859dd7c-4d94-4a85-ac6e-0066a7b17397
.adsby.bidtheatre.com/ Name: __kuid
Value: 6a3bc4a3-bf39-4f75-89ca-c3bf3e4d55d3.467882566
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq&KRTB&19420-s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq&KRTB&22979-s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq&KRTB&23403-s1pL2ORfSYyoC0_csllV3eBdT4uoWUjY4F1jcKdq
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDPGC43YhzjU3Q6ZI1zZg90&KRTB&23025-CAESEDPGC43YhzjU3Q6ZI1zZg90&KRTB&23386-CAESEDPGC43YhzjU3Q6ZI1zZg90
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348&KRTB&23418-141fd85d-b2b3-41e5-924b-dbf0d1b4e605-653fa016-4348
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084927991940653
.rqtrk.eu/ Name: browser_id
Value: 1:74f58c5b-12ba-4061-b6fd-1f58bd90d7ce
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7295725937739167901&KRTB&23369-7295725937739167901
.zemanta.com/ Name: zuid
Value: wX2uT1VheezguExWq1fo
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUc673ae2883e34b00a7c7c9a7f7b17324&KRTB&23485-OPUc673ae2883e34b00a7c7c9a7f7b17324&KRTB&23524-OPUc673ae2883e34b00a7c7c9a7f7b17324
.liadm.com/ Name: lidid
Value: 0feb286f-190a-467f-9546-c26b11f63ec9
.ads.stickyadstv.com/ Name: UID
Value: 2c922482e8db592fdaa3973f5a738b8
.us.ck-ie.com/ Name: CID
Value: 6bd911faa366cb0f3ef9278196a4e9d0b89a13e8
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 0addc5d3-e6d0-532f-a76e-e98bc251499d
.betweendigital.com/ Name: ss
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 359812d250110711887f147b4c0bb324
.audrte.com/ Name: arcki2
Value: a24jDZm7dqATfiNHq6eLytfAw!20220908!1698668566926!ip#45.12.222.172
.audrte.com/ Name: arcki2_pubmatic
Value: 881375C0-EB9F-4737-95AF-40E122751C01!20220908!1698668566926
.smartadserver.com/ Name: csync
Value: 79:e804ed7b-79f3-429f-84e0-199fb6f55d3c|113:RX-7950cb2a-8ff6-4fab-bb39-2d2fa962f349-003
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHzm1ltWNSRANPHU9OAAAAAAA&KRTB&22713-AAAHzm1ltWNSRANPHU9OAAAAAAA&KRTB&22715-AAAHzm1ltWNSRANPHU9OAAAAAAA&KRTB&23519-AAAHzm1ltWNSRANPHU9OAAAAAAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.gssprt.jp/ Name: lamp
Value: 3a465b875db240fde634d60a981a3cb7
.audrte.com/ Name: arcki2_ddp2
Value: a24jDZm7dqATfiNHq6eLytfAw!20220908!1698668567026
.c.appier.net/ Name: _auid
Value: VRiS5qLTDW-vQv0WFqA_ZQ
.audrte.com/ Name: arcki2_adform
Value: 8844768291058234105!20220908!1698668567122
ads.playground.xyz/ Name: connect.sid
Value: s%3A-PVR2CXId2TERXaDBltU1-dW8mggTAhj.8SGcOjadAFgW6%2FxQ0OHdu%2F0Ul3k2eeACgOI5fm%2B29Io
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-142608696338964148
.pubmatic.com/ Name: PugT
Value: 1698668567
.onaudience.com/ Name: cookie
Value: 16d0d15f50ccc768
.onaudience.com/ Name: done_redirects104
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1npj|7dN.0.AABKl07Kf0AAABlNN5Ezng|7bq.0.1
.betweendigital.com/ Name: ut
Value: ZT-gFwADQAiDRc-Nq1UEdv0rXtdWlDypKd1vHg==
.smilewanted.com/ Name: sw_user_params_infos
Value: 0R68F7zWieH%2BE5Dk4inrfu5EkOux1Rwz9loFlqCQaajdwtW3W1Ys%2Bx9qPrVawbj1g%2BHuAZGug1d5gFoGaZeV5be8Lcur93%2FZNaWk9x4OsXh%2BitK1HYo0wwTbBvC%2F8JlTX5NIjCNwNEMV197H451CrPnFSMu5Ypiq6tqpSJJ3gsu%2FT4B%2FPfLu6F5%2FUJ2V%2BMlTkLGd4t1CSQ5oXbYBzS43Kf3acyhnuNAQr99qgXvuhbos%2Ba4awXuH8tseF3JUtXzqBAJutTZwkfyvTIbzUnYuAtTIJbI5lvJ81cl3oT7qoi9refTtgSqOfRaxrbdV%2B8qpZFP3sQqqYI9Pws%2FJL%2BNTPakpSjtc0kh8OzzrkUa6jk4J%2FyAlEpUs4MJupXFMk9ho
.rezync.com/ Name: zync-uuid
Value: fc193f67-8a66-43f5-adb5-e358cf0f6f35:1698668567.2522514
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NOvcHvPGbUQaQbVMVajjjTUS
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABKl07Kf0AAABlNN5Ezng
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq07WRi9uFIoVqbBgMWySGKnddJL2ro259X+13DaoJuaBvKFefrv2iCc7rCz2U4vJ0hVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.gssprt.jp/ Name: appier
Value: VRiS5qLTDW-vQv0WFqA_ZQ
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByQ3AMAgEwE_aITKYM91YrCjElWfmPlGow9hNigrSXqDDMmSJstk9EP_YK93TPF4x5iX6A1btgZM6AAAA
.servenobid.com/ Name: pid_323
Value: LOCVEJ6V-13-BF9A
.openx.net/ Name: pd
Value: v2|1698668566.1|iyvQgevNgun0.j8vSgqwksLiSmOsfnswL
.socdm.com/ Name: SOC
Value: ZT.gF8Co8XoAAPB5d64AAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13MsQ2AMAwFUTEAFXMYxY7zE7NNFCsDUVIyAiWjUVESUT6ddNc0M6wAJQFgvQdnNTxjj0X2JZtbZY-N1C2TtuBUWTql4pZ6bN0F2zdZJTEH0WMZz4Lz5xdtlU7AigAAAA
.dotomi.com/ Name: DotomiTest
Value: cb2f88b24d91682
.blismedia.com/ Name: b
Value: 653FA01719BA74C002779EB5BLIS
live.rezync.com/ Name: sd-session-id
Value: .eJwNzE0KwyAQQOG7zDoW_2Z0vExIzQjSxpaYbBpy97p88PEumL-yb0uTdkA69lMmyO86qkO6oNffJi9IgMZrHT3bwGzYa0IH9wRdeq-fNtd1mJINu0JBxYVIeVdQLesTlTiMuehCxWEyxJEoIoWHRWvHF-4_vXUl8A.ZT-gFw.VxRvex95HxNtRJiM3tUsCrjoGOs
.nrich.ai/ Name: _nauid
Value: a73b8582-338b-4d62-a442-5139364b70b9
.rlcdn.com/ Name: pxrc
Value: CJTA/qkGEgUI6AcQABIGCLbqARADEgYIuuoBEAA=
.mediarithmics.com/ Name: mics_vid
Value: 52634385712
.mediarithmics.com/ Name: mics_uaid
Value: web:1:4063d36c-580e-4168-a84c-e90b24bd5daf
.mediarithmics.com/ Name: mics_lts
Value: 1698668568119
.rlcdn.com/ Name: rlas3
Value: JsM1N7oWIPc9KCPGv8a9CAcDScnRDxhjMDSw2IsWE4w=
.pubmatic.com/ Name: SPugT
Value: 1698668567
.servenobid.com/ Name: pid_310
Value: HkompRZHRwPaAVS6SuCSmYNt

35 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/d72d8124efa8645a65df859099f71f16.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/59c5f2e7760fd96ebcf9f7303e6534f3.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e9d8fd0a5bf2ce6b5ea7828cf3150aaa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5b84400880c94f1059ecf8053ecde4cf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/796238c29aeaa8b7f27eb6820806f31e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7a36f6a4cfb913b88811d461010a38b3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/fe4d9139bee1fe35e91a0c453e58f669.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/86ae6db3e7e248517f7efb7f2ba062ea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/55efd629e464616b26ba77bb199aec96.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/bddcbead2f642177e1222dbf75dd143f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/46a745b78c3bf15ee345d0e1bfca1b9e.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a00fe52d5c038664dba2c6e8cf64d6be.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/4cb09b0c98732b3b1b9df0f423afdc6e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d8e01b31b9f060b636cdba3c18759038.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e89e1025430507aa33c6611ecc16cd7b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/92f9a100f19a65277e02a50632a6b5cf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/59c5f2e7760fd96ebcf9f7303e6534f3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ea9eb89c0a40fc161d5ba35d17b579f4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/69efb5046fc96d4c136c6178b3b4e781.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f2b7dfe4155877ab0369cc0b6cbe7ca0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/c7c5a8663b60163f846e700ef797a5a0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e399d608295bcaf2cbe9f6d8748b0e8d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ca14f90cb0b0673e41ab6ef0b8a8ada0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1eff246c4c72d66180f82e42ce9e0e51.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/05d0229829262bd95da5938e13f56b72.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/2a76131986229d82dcd2b81fdf6dac75.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EveXUtY2Uta2Utd2VuLXpoZS1ndW8tdGFpLW1pbmctY2FuLXh1YW4teGlhLWNoYW5nLWNoZW4tc2h1aS1iaWFuLWNhaS15aW5nLXdlbi15aW5nLWhlbi1xaW5nLWNodS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698664963&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyu-ce-ke-wen-zhe-guo-tai-ming-can-xuan-xia-chang-chen-shui-bian-cai-ying-wen-ying-hen-qing-chu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698668562163&bpp=250&bdt=806&idt=882&shv=r20231025&mjsv=m202310240101&ptt=5&saldr=sd&cookie=ID%3D5ff8dc6b5940bfe0%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbC2rDitf0bmtsjcIagYoV9oxXhBw&gpic=UID%3D00000cada0317083%3AT%3D1698668561%3ART%3D1698668561%3AS%3DALNI_MbqfmEMxv4lrZX77wooBNnK1tX-1A&correlator=6288048498641&frm=23&ife=1&pv=2&ga_vid=736758696.1698668561&ga_sid=1698668563&ga_hid=331013157&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3098&biw=1600&bih=1200&isw=336&ish=280&ifk=3119463903&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079086%2C44805933%2C44806738%2C31078301%2C31079248&oid=2&pvsid=227637249479363&tmod=1261558065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u0jz61t298p4&btvi=1&fsb=1&dtd=902
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bbb5cd83d31683e5097831f559a4e1d.safeframe.googlesyndication.com
9c051bb9c4354763d563f49d55884c89.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookie-matching.mediarithmics.com
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.gssprt.jp
cs.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.c.appier.net
g2.gumgum.com
genieeintl-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.primis.tech
live.rezync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
min.tryiqos.ch
mwzeom.zeotap.com
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
t2.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
wt.rqtrk.eu
www.awin1.com
www.bg3.co
www.conrad.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
a.tribalfusion.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
s8t.teads.tv
static.bg3.co
sync.richaudience.com
uipglob.semasio.net
103.231.174.251
104.18.36.155
104.18.38.76
104.20.219.77
104.22.69.131
124.146.153.170
13.32.27.45
13.32.27.99
134.122.57.34
141.226.228.48
141.94.171.216
141.95.171.140
141.95.32.71
142.250.185.194
146.59.148.16
147.135.143.112
147.75.84.158
15.197.193.217
151.101.1.108
151.101.129.44
151.101.2.49
151.101.65.44
152.199.21.70
154.59.122.79
162.210.196.208
167.235.184.171
172.105.221.240
172.64.151.101
173.231.180.197
175.110.113.203
178.250.1.6
178.250.1.9
18.196.140.247
184.30.20.22
184.30.21.51
184.30.22.30
184.30.25.51
185.106.33.48
185.184.8.90
185.64.191.210
185.84.60.23
185.86.138.151
185.86.138.155
190.2.153.150
192.96.203.13
193.0.160.131
193.108.153.21
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
212.8.250.228
213.155.156.185
216.52.2.39
216.52.2.91
222.230.178.129
222.230.178.132
222.230.178.33
23.192.153.28
23.212.211.47
23.212.218.19
23.213.164.238
23.48.23.4
23.88.86.2
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b902:9c09:4253:19bd:8f92
2600:9000:2057:e200:1f:4c18:bd40:93a1
2600:9000:223c:d000:6:44e3:f8c0:93a1
2600:9000:236e:7200:1a:5235:f980:93a1
2602:803:c003:200::41
2602:803:c003:200::57
2606:4700:10::6816:1857
2606:4700:20::681a:567
2606:4700:20::ac43:4a81
2606:4700::6810:5814
2606:4700::6812:bae0
2607:f8b0:400d:c09::78
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:c6:1b0::26e5
2a02:26f0:c6::210:6570
2a02:fa8:8806:12::1370
2a04:4e42:400::649
2a05:d018:d29:3601:865d:cd9c:e13b:6712
3.66.132.222
3.75.62.37
3.77.250.56
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.237.4.206
34.246.239.231
34.247.205.196
34.249.50.243
34.254.46.142
34.95.81.168
34.96.105.8
34.96.71.22
34.98.64.218
35.158.220.250
35.186.193.173
35.204.74.118
35.205.65.172
35.214.239.194
35.227.252.103
35.244.174.68
37.157.5.133
37.157.6.233
37.252.171.53
38.91.45.7
46.228.174.117
51.68.39.188
51.75.86.98
52.18.191.233
52.19.72.182
52.205.208.143
52.23.134.172
52.29.172.170
52.30.179.44
52.30.88.129
52.87.21.252
52.94.223.167
54.155.252.188
54.158.68.158
54.36.150.180
54.38.197.123
54.75.96.107
54.78.254.47
62.141.38.122
63.34.156.169
69.166.1.67
69.173.144.137
69.173.144.165
69.173.151.100
69.192.160.219
70.42.32.127
76.223.111.18
77.245.57.72
8.2.110.114
82.145.213.8
85.114.159.118
91.210.226.74
96.46.183.20
98.98.134.242
002d7f468210de71d46d1699840ed74fec4da08867525caefef95b3f9641051e
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
0d4416febfa579f6c2aabb70af69c752b8fa95bb5fdb76b3e43fceec1afc970e
0e34e977b2406e56929f028862ffbda5ac7ea4634d107223c60ceaad444e1436
0eb612950bab80da54815a11e889308e8df01811bb17950058ff09e3a77047ea
104fcc2fd6e3915827dd461fe6e067382a7603215b7dad6db6a7ad41028d76f3
111d1d98c3c9557133f64423dc02659bd2d5c8b3f8fef5f074ea0b62000df8b1
120482bd695bc51f2afed1d91b774fcda15d7ed72dbd9594af3627325e57fc93
121c48337b0025672acbece74f3443b209eddc278e8d300ae60705bb575910e1
12a60ba56e6d4c71f3c843f732ef143d5ba17140ab60c7b34063023ce2c6d227
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1369342bb8d2e449ea1727894b65e851d7205be8ff0c1f206716f107b38a7b85
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194276fa3bf4f4ca68f06b64985abc71492dfd36be9b1847dc33c0738cfe7475
1992f05f9be62fc4e9b7f4077eb23afafa4217740f158b3f0a668da89a724bd1
19ffeb887608568d9b15448703a0aa2936785ddf09dcff04644270889e6c462a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c572a4f453cc676d9bbfa1519551c72d56e707648fff6dd1af09ae0a656cfd3
1cc28d0a176f35b35fa18e9aa2e30a1f7e748abf0860edc1b12c7bcf7ab6f6ba
1d8596369bd570e4b327dbda1a51e0c77452ca7091a69d040d30e344ea541596
1e7b97266aa978a1ae9f78f02410bb52903fdba12fc91747115a1431361236dd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
237cdfb2609df7d134d1ec9c784c4fbf4df49c30214a66455c239318a6a66683
2545e9db8fd27d8f072315b91467f140b957e02d17394ea99163bf15e71d9c0e
263e178829a87ff33a2978646991a53646a4638d059d3f9e8304523e1f469889
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
277838868b3b898be6194f23f20226e64611d2a75abceddd3818a182b1f46c5d
2808c04bcca12e9343392a4bd6fcf32089375aa12307e57981ef87c4fbacf49b
28fd563a4a1ea2bcc7177e450c605bb349b91ae4649d3b1fa5ec5c79ba428d3c
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cc05167b8f79fedda8d89d27c36d96d8813bebcffbb0daaac196ef5c6acef89
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2e74ef9997572d823b9aeab01df1a53b824cc42846fd8b6beaa4e49dfa0c33ff
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76893cee07289014f8cc2d307fd414c152458d19dc9e2510d4e20982d48619
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323cf927fba07f4dfed65886c229bf627fa6f57593901045c7c97b0f5256505b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
3458b052be4e9c07aacfeaea8c28c821fd9201fe24210086801d4c5efa1ed458
34eeb51e048f4bf762ed7c4c866478e7d5a0f4ef0203d0f2e90380b6f3e16004
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
357e12799ac18722d14ade52e7d86a015aa893b47db3724c487ccbe45d150efc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3869d7f457714f847553bb43a56e4cd99b40e007e8a0c6361e7f0e5bd19340dc
38ac827e8993209190f726d4e0477ce3c221e8acdb08774e30b6d2c10b6561d5
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3c99725365d56f6c80b87d3c8ff77952a57d4dfbf893a30c6f6e475f24e968
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e3639a663356aa4eecfec51a8e5f601e20b06be9c9fce96aced588e882eacd
41043e1061ac7c268c287057b8684292a5fbbb6aefe012ba10d80e80a53498aa
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
45ea34c82455cdc09b6167dd579ef1ea60d59c0f75db81327abf79fc705a3211
46863f4a8ffdb6cde878a62e9df1c9775e394c6f9cd4c50bbc7ea7dd38101a76
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbe733e7aa89253a7369ae976513e653c9e2a9ef9702271cac0b9bb36a3f511
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
50e21ba80568830d1a9eb8ff72d7093f79e2e31360636b5f53023930d113af46
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554a076af9b252e2c92eb2ead65e7957b3618edb33a2828bb540c02506bb7218
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42
5af0dc859041c89bf851237f7f3a1e5ecacf33d3ca6b639b56c5ec08e6e9add5
5bda8f1194eaae29380baa3d55b02190e32944bf92184d9d7f064c1888f03cfa
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
605c2421f8e6e0ff1e1bdcca941b9401fcda473b55088479a9a8d9407aa490e7
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64acd66b5e6b21034cf1cbcf982bcd80f5120da5cb4e6576d0594144484ada91
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
67d116fe59195ed04e2a589e8cb08442cbb1b5f4c4cb6cdd070f4c281f366d30
699ee875f8b62fa0c0fee58a7bab85ad4a7438790fbda54abe5b3bda723f4712
6a261c28e14f1c75a5ff3740c19ca4c1b9a2c13b397ae4e9a8e5065e2c31ba8f
6a86733ac3473da536279a6122c5a1fa6bbc6689aabf987c6eb00798639e9834
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cd674236949e7670af6f47abdbab92d5d39e92dbbad80e93f9f52366ccbc923
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dbd0fd7490f451fe915f14966ee3cd287af6d0a2390da68902454e294fd2b69
6fd1affca65bd2932c1697c29cd1014cd40bddcbad2798d61e1cccd83b0aaaa6
71017043ca2d89ccf1a8d025035a69285d85c1ff62d203f18f182434b436e2c7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79435c78f5700a51da5339350b2c640153fcb817d0a7d328b5a53dd3f71252c9
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833d7e22705e3957e978bf7605ff0a393961661750db4ddee3d26389b12bd4b6
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5dcce5ae52a240d5e98a77a9825119634ec2edb925d279af19908b0371da47
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef61e0a14db8150cccd5c82d4adaeca68e12077ebf444757e06060c54234104
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d
921b92577a209f2ff48b88a6f3b16aa9d4b58f40a85ac6dd549d29a504678e2d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93870d49d621c8497ff79e8e43190812369c744395be1e8cf58416372b990a3e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
970b9b8166f81dcf28474bd444bf0626168005c347260efe8b46864d5b51b37d
978a1111529218cbe53e77b5d72b1c055d5b4b8dcfa8f857e7ea60cac645018f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a478b7c3eaab145da40bebe3be19ffd48b62ac1f0a5939978483e38f1c6a69c6
a5c981ce03f9e23cf2c3fbe40c692c973cd6fd0b80e5775486beef6bd9feb7d7
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a8407b65081049e10379952a5f3c0998726ffc0d98a48f2dea5ce2b9e2f283d3
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aac79e100212384ae17538257576bdc5a8f354329d5c1e00d95047d2c836c7db
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
ac3c99da66fdcf8c3c595004ee0210e63349d59409bf825d3a061d909d7b5102
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ae805895fd1ebcae605d909af1e1a67dda13d975bf7578ed907a642e22bdbd0d
aedef1363e975fd7358f402e437db12a4f973b089570431dba95577d622ec1ab
b02a2fcdbbb33781e3aa52e4cf6362f0d8fd5443fff073d3783e1042f04da67f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b4be225f5915dc4cfdaec6943120d2ae1dd562244b4b640644bc5b13d038e30c
b707c07fa66acb3d5f0ee7558d76f7073e546f9a993c5f307a4156527d69f5d5
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b7df1bd0474b17cf214e5570ffbead38f5ea44f83de4a81363d166b30c1c1252
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf4c243f4ae334d8428dfae1f5e414955657154801cb25cae65acbb2fc6691bb
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
bfe760847a95d586e39d0d0f33a82a23a89bd32a3466d4c6c40a2452b4bf082f
c1d9ab508ae370d3465421ef78a14b192a47b95c3a73c1bcdb307df2fae3b2e2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c4e9491930f625d6c74f95bd532398d03d74475df4e1d72cc879ca8d1422b6ff
c7fdc758cdbbd4501fea38e5d99a471340a6350295525ed5553177a77f90b4db
ca816ccbefa27ca881631d3833cbef32c129aa54857458751ab7a950617f91e2
caf154de4924b9fee9af6219c5a1a15d8e1cfb132987114489ffd622bd7b5e04
cb4c0530ef507e3bb40b7c886b8d0ae8aae5fb122fd5e666ea8731e47547d7d8
cc08595502dffde3de6efe7b8b12b5a3a4f32802292324a74aa00faeb18536b6
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf58844f0c1441045f45a317339f82c6598aeecbbf8cf50ceb9677e26216f8b5
d058f0f30c5042da6579922a90cad83d4479337c1bb8755086b25cbf81a5ebce
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d117bd86550fabfcc8705026b909dc41edc00b867872d211973993e3b3eb4d0f
d5cbb1c8ca5591a91263dac165cc506946b3236c33c2731c035edd1a7a7ddf59
d846da62c6cac3a0cb074cb52a597e1c1ac6faa4d3bbf8db0aa2159910e506c2
da4c471726aadbad0195d59ab38a006656294071b4ff81f98f923080b0036407
db9c4790d56bc89c9c9263b39ccfd281de19786f9161a95a97ae69beaf97336c
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd36b72b03f5033f5aa6dc07d25b69cf8b57c64a1050fca404cba1c573d96b2e
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e177769af8a2a9730b2463c84f57572d635efe8f94ac57334f2e13875ecd937d
e337b8e835936fa69a08b5a9727656d5d5e8eeced8b256f9e97e3b7572760e9d
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527ca7f0e4e5245b805dcd6e25cd6893d168bcb4dc0b91a7107aa5ea8ce5b95
e65d9bbe6ef1093ec61b6c0cbd8ced68a5341066fc3cd072a6740d2448c78060
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef13422327dc5aeac8c2f6b8e0a59484985710802a3843a3708ebec0ca56679d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055223a8b9a3f3084d425da9747d2dcf42e904a8d13316a6a8285babd6b1f82
f06f3cc28777f42fbf7fb2a8dbaa18e857c10c484b70b1cd879daf54dc6fcde8
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c
f27bbf4f80d22e09b9af3c272cd4cbdb783b1178a5d0c81bd01c02a895f76884
f3cc453e50fea6c37b754d0d7f23d3ca8f1691ce352d14dd289e9be6a13e6dfe
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f607c26594aebf1765ff874998484516267b88b4ce100f86d955362f214ef964
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6a18968d1fdab07d46f58e73938aaf6ca8eedb5b9e34ad37a81967331e6ef46
f6c601a9d2d6a1fcc024929ac37837666cdfee53a3c5a56c6f9582f406279441
f72d10960fe571d38746e87b0af42c7cd3f6be61e5806394c0cc462d51a17a0f
f7d5f5df4a442a416a3c7ba4965a28d0972f39c039b8712e220e57f83d081eb2
f7e0b9bd9f2e063c4bb1e19a3c045dc75a55d6ddb2b3d7801fc00ec56976e5dc
fb72fa3c55b962b0e9197f74a14dce894e065911d8dd7d0ced5ce78dc7f26fee
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffafb3b2b7ed8883608c0f6c2eebb1fc1a9c8e36823699cc33d7bde6d0d1f6af
ffd8aa4fb7360e42b6b088c3e4f2287e909b51c7b252f019694eb15e2e6e963b