urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Submission: On October 05 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 16 countries across 121 domains to perform 587 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
9 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
36 151.101.193.44 54113 (FASTLY)
2 4 192.96.203.13 30633 (LEASEWEB-...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
3 2001:4860:480... 15169 (GOOGLE)
1 3 162.210.196.208 30633 (LEASEWEB-...)
4 2a00:1450:400... 15169 (GOOGLE)
9 23.97.225.52 8075 (MICROSOFT...)
23 185.180.220.208 49981 (WORLDSTREAM)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:d::d 44788 (ASN-CRITE...)
3 3 23.201.255.110 16625 (AKAMAI-AS)
10 95.101.149.233 16625 (AKAMAI-AS)
17 15.197.193.217 16509 (AMAZON-02)
31 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 145.40.97.67 54825 (PACKET)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
10 104.22.69.131 13335 (CLOUDFLAR...)
2 3 52.48.26.222 16509 (AMAZON-02)
1 18.194.126.126 16509 (AMAZON-02)
9 95.101.149.35 16625 (AKAMAI-AS)
7 51.89.9.251 16276 (OVH)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 3.75.110.88 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
8 12 37.252.171.85 29990 (ASN-APPNEX)
19 34.250.19.175 16509 (AMAZON-02)
2 11 104.18.26.193 13335 (CLOUDFLAR...)
3 35.186.253.211 15169 (GOOGLE)
3 151.101.129.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
6 7 18.184.148.2 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
6 10 69.173.144.139 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 13 69.173.144.165 26667 (RUBICONPR...)
15 26 142.250.186.34 15169 (GOOGLE)
1 7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1f18:24e... 14618 (AMAZON-AES)
6 10 2a05:d018:d29... 16509 (AMAZON-02)
2 5 54.239.33.159 16509 (AMAZON-02)
2 6 52.46.128.147 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
7 7 52.211.253.239 16509 (AMAZON-02)
2 2 52.73.237.207 14618 (AMAZON-AES)
7 8 3.71.149.231 16509 (AMAZON-02)
1 2.19.198.33 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
3 3 54.146.162.150 14618 (AMAZON-AES)
4 5 178.250.7.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
10 141.226.228.48 200478 (TABOOLA-AS)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
1 1 172.104.70.67 63949 (AKAMAI-LI...)
6 7 64.202.112.63 23352 (SERVERCEN...)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 162.19.138.82 16276 (OVH)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
5 30 2.18.161.51 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
5 175.110.113.211 49981 (WORLDSTREAM)
32 23.212.89.35 16625 (AKAMAI-AS)
2 35.186.215.140 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
1 2 23.212.211.126 16625 (AKAMAI-AS)
2 4 35.244.174.68 15169 (GOOGLE)
1 108.129.25.174 16509 (AMAZON-02)
1 52.31.202.102 16509 (AMAZON-02)
2 34.253.57.114 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.84.60.21 198622 (ADFORM)
2 3 13.248.245.213 16509 (AMAZON-02)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
1 23.213.164.226 16625 (AKAMAI-AS)
1 18.66.147.73 16509 (AMAZON-02)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 23.52.120.27 16625 (AKAMAI-AS)
5 6 37.157.6.243 198622 (ADFORM)
2 52.18.35.108 16509 (AMAZON-02)
1 2 217.182.178.228 16276 (OVH)
3 23.213.164.238 16625 (AKAMAI-AS)
8 2600:9000:205... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 75.101.242.68 14618 (AMAZON-AES)
2 2 216.52.2.16 32475 (SINGLEHOP...)
3 216.52.2.48 32475 (SINGLEHOP...)
6 6 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
3 3 193.0.160.130 54312 (ROCKETFUEL)
1 1 69.166.1.34 27630 (AS-XFERNET)
3 3 34.204.154.179 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
3 18.197.134.14 16509 (AMAZON-02)
1 1 23.212.88.20 16625 (AKAMAI-AS)
3 3 54.236.179.17 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 13.32.27.99 16509 (AMAZON-02)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 3 193.108.153.21 20940 (AKAMAI-ASN1)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 35.214.197.226 15169 (GOOGLE)
1 18 34.247.205.196 16509 (AMAZON-02)
2 2 18.194.158.176 16509 (AMAZON-02)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 54.76.77.157 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
2 3 151.101.2.49 54113 (FASTLY)
5 15 198.47.127.18 62713 (AS-PUBMATIC)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
6 13 185.64.191.210 62713 (AS-PUBMATIC)
3 198.47.127.19 62713 (AS-PUBMATIC)
1 1 211.120.53.206 4694 (IDCF IDC ...)
1 1 80.77.87.166 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 52.208.171.144 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
3 3 162.55.233.29 24940 (HETZNER-AS)
2 2 188.42.34.64 7979 (SERVERS-COM)
2 2 8.2.110.114 46636 (NATCOWEB)
2 4 185.86.139.103 201081 (SMARTADSE...)
6 9 198.47.127.205 3257 (GTT-BACKB...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 3.64.76.61 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 72.251.241.196 32475 (SINGLEHOP...)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 54.77.82.203 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.236.109.207 14618 (AMAZON-AES)
1 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 1 37.157.3.26 198622 (ADFORM)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
1 87.248.100.136 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 141.95.171.142 16276 (OVH)
2 2 141.94.171.212 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.215 16276 (OVH)
587 125
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
9    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
20    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
36    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
agent.aralego.com
5    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
4    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com
961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
23    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
17    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
31    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
3    52.48.26.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-26-222.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
1    18.194.126.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-126-126.eu-central-1.compute.amazonaws.com
tlx.3lift.com
9    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
7    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    3.75.110.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-110-88.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
12    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
19    34.250.19.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
ads.servenobid.com
11    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
5    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
7    18.184.148.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    2600:9000:223c:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
20    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
26    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    2606:4700::6812:1bc1 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    2600:1f18:24e6:b901:34fb:55f:e11a:2d83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
10    2a05:d018:d29:3601:66f9:a65a:1e1c:e51e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    52.211.253.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-253-239.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.73.237.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-237-207.compute-1.amazonaws.com
sync.ipredictive.com
8    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.19.198.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-33.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2251:d400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    54.146.162.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-162-150.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2600:9000:2250:ec00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
adx.holmesmind.com
2    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com
a.c.appier.net
7    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
sync.outbrain.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
3    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
30    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
sync.teads.tv
s8t.teads.tv
studio-t.teads.tv
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    175.110.113.211 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-211.hosted-by-worldstream.net
cdn.vidverto.io
32    23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com
t.teads.tv
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    23.212.211.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-126.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    108.129.25.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    34.253.57.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-57-114.eu-west-1.compute.amazonaws.com
sync.springserve.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.66.147.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-73.fra60.r.cloudfront.net
public.servenobid.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com
contextual.media.net
6    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    52.18.35.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    217.182.178.228 (France)

ASN16276 (OVH, FR)
PTR: ip228.ip-217-182-178.eu
ssbsync.smartadserver.com
3    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    2600:9000:2057:4400:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    75.101.242.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-242-68.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    34.204.154.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-154-179.compute-1.amazonaws.com
ssp.disqus.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    18.197.134.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
3    54.236.179.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-179-17.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
live.rezync.com
4    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
3    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
2    35.214.197.226 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 226.197.214.35.bc.googleusercontent.com
csync.loopme.me
18    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    18.194.158.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-158-176.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    54.76.77.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-77-157.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
15    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
13    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    52.208.171.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-171-144.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
4    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
9    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.64.76.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-76-61.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.236.109.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-109-207.compute-1.amazonaws.com
a.audrte.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
71 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
sync.teads.tv — Cisco Umbrella Rank: 2022
t.teads.tv — Cisco Umbrella Rank: 3226
s8t.teads.tv — Cisco Umbrella Rank: 6676
studio-t.teads.tv — Cisco Umbrella Rank: 9341
3 MB
65 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
sync.taboola.com — Cisco Umbrella Rank: 1624
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
am-wf.taboola.com — Cisco Umbrella Rank: 13824
961 KB
57 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359
603 KB
55 googlesyndication.com
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com
961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com
491 KB
46 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image8.pubmatic.com — Cisco Umbrella Rank: 1061
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image6.pubmatic.com — Cisco Umbrella Rank: 1171
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image4.pubmatic.com — Cisco Umbrella Rank: 1978
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
43 KB
39 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
73 KB
28 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30729
cdn.vidverto.io — Cisco Umbrella Rank: 40830
503 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735
rtb.gumgum.com — Cisco Umbrella Rank: 2264
6 KB
20 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
ads.yap.yahoo.com — Cisco Umbrella Rank: 27934
geo.yahoo.com — Cisco Umbrella Rank: 1897
12 KB
20 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
11 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum.casalemedia.com — Cisco Umbrella Rank: 2664
21 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
3 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
secure.adnxs.com — Cisco Umbrella Rank: 806
32 KB
11 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
8 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
69 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
us-u.openx.net — Cisco Umbrella Rank: 863
eu-u.openx.net — Cisco Umbrella Rank: 3562
u.openx.net — Cisco Umbrella Rank: 1024
2 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
17 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
3 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
198 KB
8 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 7534
4 KB
8 adform.net
adx3.adform.net — Cisco Umbrella Rank: 65543
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
cm.adform.net — Cisco Umbrella Rank: 1654
4 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 657
fonts.googleapis.com — Cisco Umbrella Rank: 113
945 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
4 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
4 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
agent.aralego.com — Cisco Umbrella Rank: 319878
4 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
3 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1486
ap.lijit.com — Cisco Umbrella Rank: 1012
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 11
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
674 B
5 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
82 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 814
83 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 5639
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
d.turn.com — Cisco Umbrella Rank: 2206
2 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 719
817 B
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 906
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
1 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
235 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527
pixel.onaudience.com — Cisco Umbrella Rank: 3680
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
1 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
779 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
881 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1259
1005 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 1067
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
69 B
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
3 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io — Cisco Umbrella Rank: 4325
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 4716
981 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
2 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10583
757 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
hbx.media.net — Cisco Umbrella Rank: 1959
10 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
313 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
497 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
562 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
992 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
701 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
674 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1002
647 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 7595
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
517 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 7032
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
757 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2356
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 4882
411 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1088
stags.bluekai.com — Cisco Umbrella Rank: 984
964 B
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 99065
20 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
144 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
958 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
179 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 erne.co
green.erne.co — Cisco Umbrella Rank: 27364
412 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
277 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
555 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10466
345 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
524 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1518
637 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516
834 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2443
525 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
623 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
160 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1035
337 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 936
499 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2754
324 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
921 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2496
711 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 10594
600 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 776901
871 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
549 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
502 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
480 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
865 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
634 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 2038
204 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 12994
257 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
15 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
587 121
Domain Requested by
32 t.teads.tv www.bg3.co
31 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
www.bg3.co
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
www.googletagservices.com
26 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
www.bg3.co
sync.teads.tv
adpushup-d.openx.net
g2.gumgum.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
20 tpc.googlesyndication.com www.bg3.co
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
20 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
agent.aralego.com
19 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
eus.rubiconproject.com
ssbsync.smartadserver.com
ads.pubmatic.com
18 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
17 match.adsrvr.org www.bg3.co
eus.rubiconproject.com
imprammp.taboola.com
am-match.taboola.com
sync.teads.tv
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
csync.smilewanted.com
ssbsync.smartadserver.com
ads.pubmatic.com
16 s8t.teads.tv a.teads.tv
www.bg3.co
s8t.teads.tv
16 il-trc-events.taboola.com www.bg3.co
15 image8.pubmatic.com 5 redirects ads.pubmatic.com
14 images.taboola.com www.bg3.co
13 simage2.pubmatic.com 6 redirects cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
13 pixel.rubiconproject.com 7 redirects eus.rubiconproject.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 sync.teads.tv 5 redirects ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
a.teads.tv
sync.teads.tv
10 pr-bh.ybp.yahoo.com 6 redirects imprammp.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
imprammp.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
9 image2.pubmatic.com 6 redirects ads.pubmatic.com
9 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 a.teads.tv cdn.adpushup.com
a.teads.tv
www.bg3.co
9 e3.adpushup.com www.bg3.co
9 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
8 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
8 ups.analytics.yahoo.com 7 redirects am-match.taboola.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 match.prod.bidr.io 7 redirects
7 x.bidswitch.net 6 redirects am-match.taboola.com
7 ib.adnxs.com 3 redirects cdn.adpushup.com
eus.rubiconproject.com
acdn.adnxs.com
7 onetag-sys.com cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
www.bg3.co
csync.smilewanted.com
6 csi.gstatic.com imasdk.googleapis.com
6 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
5 secure.adnxs.com 5 redirects
5 sync.1rx.io 5 redirects
5 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 cdn.vidverto.io www.bg3.co
5 dis.criteo.com 4 redirects ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
5 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
5 www.google.com www.bg3.co
tpc.googlesyndication.com
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 prebid.a-mo.net 3 redirects cdn.adpushup.com
5 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 s.yimg.com ad.sitemaji.com
s.yimg.com
adx.holmesmind.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
4 idsync.rlcdn.com 2 redirects sync.teads.tv
ssum-sec.casalemedia.com
4 fonts.gstatic.com fonts.googleapis.com
ad.vidverto.io
4 b1sync.zemanta.com 4 redirects
4 googleads.g.doubleclick.net 1 redirects www.bg3.co
pagead2.googlesyndication.com
4 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
3 am-wf.taboola.com vidstat.taboola.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 sync.richaudience.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 i.liadm.com 3 redirects
3 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
3 ssp.disqus.com 3 redirects
3 p.rfihub.com 3 redirects
3 ad.turn.com 3 redirects
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 sync.taboola.com am-match.taboola.com
ssum-sec.casalemedia.com
3 an.yandex.ru 2 redirects www.bg3.co
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 fonts.googleapis.com ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
cdn.taboola.com
securepubads.g.doubleclick.net
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 secure-assets.rubiconproject.com 3 redirects
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 sync.aralego.com 1 redirects ads.aralego.com
eus.rubiconproject.com
3 region1.google-analytics.com www.googletagmanager.com
3 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 us.ck-ie.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 2 redirects
2 ads.playground.xyz 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 csync.loopme.me 2 redirects
2 casale-match.dotomi.com 2 redirects
2 live.rezync.com 2 redirects
2 ce.lijit.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cms.quantserve.com 2 redirects
2 studio-t.teads.tv www.bg3.co
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 sync.springserve.com sync.teads.tv
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 s0.2mdn.net ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
imasdk.googleapis.com
2 pixel.tapad.com 1 redirects eus.rubiconproject.com
2 sync.ipredictive.com 2 redirects
2 prebid.smilewanted.com cdn.adpushup.com
2 ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 geo.yahoo.com adx.holmesmind.com
1 ads.yap.yahoo.com s.yimg.com
1 961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.adform.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 u.openx.net 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 eu-u.openx.net adpushup-d.openx.net
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 adx3.adform.net imasdk.googleapis.com
1 agent.aralego.com 1 redirects
1 vidstatb.taboola.com www.bg3.co
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 id5-sync.com ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
1 sync.inmobi.com 1 redirects
1 a.c.appier.net 1 redirects
1 imprammp.taboola.com vidstat.taboola.com
1 964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adx.holmesmind.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 live.primis.tech eus.rubiconproject.com
1 hb.yahoo.net eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 odr.mookie1.com www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 static.bg3.co Failed www.bg3.co
587 203
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
feebee.com.tw
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-26 -
2024-03-20		 6 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 111 frames:

Primary Page: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Frame ID: 1C25398DC92727962951228CD8EE41CE
Requests: 171 HTTP requests in this frame

Frame: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CEBE9B2BFC778278D6E3FA4B945B8DB1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3IbpN1mQ28K0AodN8CthWCjaNled1cwYMUGgQ1jf4yVKbKj93KPsE6tVCWKQ_mg7c6PtiiQatqs-P2_xHbKi210m6s97jfxlxizqZ72fFpYOmjKwDj1UUennQwAtR2I_5Bn_g6C8rpVgQ89ygFPLJMAPvGo1oyKdXu-t83L0sKRhQSaBlySDuho_mHNwER1rPCstPSDeBdNKifWp1Q7lVBouCfaczyJ2fu2BX3ixEhrDU-1b_AZsbsMaF7KwDT0Fq8r2xJ_3mohGOEYs21CDtGHhHlrO_LXjDyWOT6wIvZ5_9nNUJhLwJe6ixEuRcGLMSgg&sai=AMfl-YQWMdkM7xReH1qU5ptz5c9amZyZmMYrZPoPr_iS_pPEin9Y7TeGG5ndxqLetShCkCJn9bL6OkcK5uDwU8kA2thaaxYAU_V4mVYrACN8L4O6nDGiVFKcFvwR0PuPy8OekLOc-E591fFSaVTeG2Wa&sig=Cg0ArKJSzJmJcpB5x5TEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 46F5316D518716386074212CC20DC848
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 876FE7F850883924E6676FA7FCB257C4
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 2B34CFB4FFE4BA33729C33945B270B42
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 370752852E32DB4428562877813BE599
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 2885F8EBB7308EAB08DDC7F0D87371F6
Requests: 1 HTTP requests in this frame

Frame: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27688643FC44737C5EEEC37C1A38B49C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNWmyYZknsbnuTZtQpQyE1RnrfGr8mPgyAOMuUAonLb3zklMbx9T9rQniboSQaJoUqUTXtqnIfvGsAcqvar229GD6oEJ2g
Frame ID: AE70C6C900E3E1E45709992D2D98CB0A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F798E2DECF75491FE1589D1DDCB4E670
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Frame ID: F9FC26BB204C425B0BB6EC018940C825
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKXfpXN185Ekcg_hYhAJUxvkxG5vsgy1CYv9GWN-engpiRQMWSvhrHM0-kapBD09kIJaDXf0hFkGX0rsb3zoi0k7q4gTo8yu0322TsBM18iv6qHZIUj-VC6sXAjyzG6Re8huv2kpBJ5OQbkNrL6G8SfDaZNE9zb6Jtx7cTDpJoGin0cLGnXyMINBNWaaD4g0vzIpuzu3anPrMd2Eq0jyt89wombibs3HuhqHdY34kKG1htaTF5gE2kdJCF7ulZuYiiFAjuHNNtllXqmP3qvmqFoQOCwnx17yf3UKzmR1ySmHO9Phvuy0mmT0reZ9cFANmR&sai=AMfl-YSVNAWtnr0Te6ckC1Mh_RJJSGpSswxi5nt4haApwHQGvVYWzEWsZC8ZH6jN2ljinskHLgWRHPoBRnebMp63YOcmoR7e72NE6SU0Idu_mVKGfkjbvXvb9WHraHIcMk0&sig=Cg0ArKJSzAAyM-IG87jrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C66CEF8937A3BF1912FCF57D09341C91
Requests: 26 HTTP requests in this frame

Frame: https://a.teads.tv/hb/ad/aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41
Frame ID: F7812F9F7BEF74780CCD332EF18EE08B
Requests: 21 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: EA6F1787A2E1994720122C0A2D89854C
Requests: 5 HTTP requests in this frame

Frame: https://964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 95793B2EF652650A8DD32FAEC44E1C38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 104546158DD205A30DD2B44DCED223DD
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=undefined&cb=1696469804977&uv=3345&tms=1696469804977&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=cdf9c59d-3851-48aa-9066-dbc7feda40e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6BE8C7D94AA08A3B90FDEF9E7C22107E
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1E6966D22605F6F409238EBCAC296715
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 18F41D9A4CED5A3D9AF27AD3CC5EAEAB
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 38A661161A792006530F9F81DB516DF9
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AC2CFF6E1F90EBEFEA9E36679DB731B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 66609CF1B3C6E5257608C8E720587528
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1A62B768A6561A2AA0D2045348E1DF3B
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Frame ID: C08A4C893E37D023275916B010FE6679
Requests: 11 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Frame ID: C79F76B148DDFBD97E03796DACA4C5B8
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4C0E2F6019ABA83489324C288315BFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06533EEE172F0CB1EFCFFB0BCD57181F
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 97CE59D007D67E84E5AE6AC572F4AD76
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: B630FC8B3EFC78814CB3DA7EAA4795CC
Requests: 2 HTTP requests in this frame

Frame: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Frame ID: 60D7682D6845D62BA87280B3EAF32528
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 748B90355513376F418A6260570A0875
Requests: 2 HTTP requests in this frame

Frame: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Frame ID: 9407EC95284817A708D590910FA2A372
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 3C4BF6054AA73997E1F370BBCB65C91F
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 5EAF03CF2515E02DA71B7A75BCABF651
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 092A88F29B18357D4B231268CE5A5CBA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696469803837
Frame ID: 439EEFE3EF890516D5B7ED1ABB297B3C
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: DB2DD5175F9E872B9F9D34E137AED688
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AF0E0B614CE097D7B948EC5729E695AF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 409061DE970939BA69C17F1FF997DDC5
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 62FC36EA45A6985C332CC99AA6B73584
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 04D2CB8307500BD2E41DEEDFB00D54F1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 65F5FFB5BE3D2208AE9AC22A2D404B4C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 397D1527A28F973E430F96CC2BD6CD51
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FC63EE7A08D88A66A02E28AB312A560E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 787C78129877298C75C253712E2E0E88
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 67C8C3C30A16324ECAEDF1954B5BBA3D
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 3B1BA7AC704D9B7E55EA4E22938A85ED
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 351BC85ECFB7BE8B190ED14BCF8026EC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8C7044AAB8B1120294A2D3C367D137FA
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F40719D618662D7643B638EDF09D3DF9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: A0674FE763EE5CFDD4440D492B235D60
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 035072585ABBE3D5EFA20E3BDE154D2E
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: EAC08B6132F050295EC10E3A3227D8D3
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 2818B6AAFA91A8AD59B56942E6D27B69
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: CE6EA08C89F1C8BF92D7CD4B27601F08
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 584809916A7134C39B98120DAA0C6108
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BD49309FA38B7AA564DE16A4FA46473B
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3510831004177336434&gdpr=0&gdpr_consent=
Frame ID: 14F8DB86A4F645E5A601E19F9E51A519
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZR4TMQAAA1yYQwA4&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
Frame ID: 7CAD7038A12F7B3701AA1EE58D516E2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jOWZlNDM2NS03ZjEyLTQ1ZDUtYWIyNC05YTQ4NTEzMzY3Njg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 3D0D869D3F5335D0B91F6BB3C036CA99
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9E3EE8DBE971C23EFDA108181A2C4E0A
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 543DF81F587D0F9B0CC3503E3BACD6A3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZR4TMsCo5s4AAMPrLfwAAAAA
Frame ID: 9136A6E43428EAAE40B54B9E63BEEB1B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 4F677132A866247D4EAFD7A236EE0BB6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=1f69e953-50fd-46b4-b363-4fcfaf713522
Frame ID: 7B3E9261EDB0E1513C1EB6712B8FFE04
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=jzN6RAo0Hm0y9iaLVG5A&pi=gumgum&tc=1
Frame ID: 2CE61494730B28A5E3990C5DB6272061
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 7F5CA302D61D7CC22DE5E907D9E3DE62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 817DD97F80D9A896B7DBEBD905188089
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C01BC3EF666124D92F3A7B6EDCC4569
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C5482F5BEFA11E322B6129FA6DEB698
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C39C7A5882EA45AADF32B9860536097F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: CD38A89EABB5163E60D99D781CFC6AB2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8785372573
Frame ID: 0B95B1F004DC00C679656266DF4CE484
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
Frame ID: 6C1AAB25BDDD94E6B8EC2AAFD286C233
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
Frame ID: 699D0AF9BEC361D61A53ABB68B39B4F4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 2D27E9FE4526A64AD65109D3EA3659AE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4E9FA79C71BE0AD2626BEAA8B8F3FC65
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: D1EF232E1082599F6C2F2EE3C7B8E738
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: EEC768660BAF55792D739ACDFCB75056
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 36B868CE5B214EF968FA86C8FD2B1EFA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 0748D24B096CEBE180A48D02EA05F7D0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 04F41117B5F353DC177321BDDD7C12F8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 82F1B19A3C0579333A9E9D2F522B260A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 53A5A1B9B8F6A5FE30D400A50B1DA77F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C5D15A5094B49358D6B0E5DD5AF67A00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU57b3d93681b349868f2d1466565d6283
Frame ID: 5FC152E7F96C3331A4EE43AEE014B4A0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 479FF642F078407B6801765FFEE22F40
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: 34C1B54CB5AFA33CBE4F311852E170E6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3F6E4B1D4E9AF10523354B7AE85469AB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 3184349320E9B7F0420522636075C9DE
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 14309325780D9AB7001974FAD9D74885
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: DE72AF81547FFFEB4F2B9232EF4DC5AE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B4FE37CF500E921431C7DC5A377B64F0
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 57111E2D78045095A0E5BCC1F47A5A2A
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: D674C21132F843E44C5C17B73879EE1C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3510831004177336434
Frame ID: 58851CB8DEB9718B289DA94ACE416F8D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/8b8333fa33b7c52376e89630e5b756?gdpr_consent=&gdpr=0
Frame ID: E89BD83596CFADBDB182FDA1FCCD512E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 530F1C092BCE593C427C60BF6904872E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
Frame ID: C87D88D058FCB619874643D34D1120E2
Requests: 1 HTTP requests in this frame

Frame: https://961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: C4CA006C3600923D0B742DEE8F231E93
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEw6RyH7hmVlnFwpoUEi0cIgTvHo02_5Q_d_C4svcHl6EywafdOKPJbTEVj4ylg8tmyrYGkz7egUx39QMsNGFcTjsVg65sHoL7Q3phN-GRz0o-8JqOWqbZLtzmXZf2WaMzIB9pWSVaJbscAYE5y_uJ6FzLIs52AAgDhv1In9D42f2suM_dJgT7xX5fDfHYK1O3ipJl5ZTOffK4dPmbTU-jiQJLyo9pWv14FKCqauYhWDYdU09iUTtbzBO3YkSa2v5-o0ZgiD3mPoU2YUn3JL1fFUM8TNFgOEot8Pe3U0EpM1Obmj5E4Lxdba0LNgee58Dq1HryC5EPAMLg&sai=AMfl-YQFwGhm-DUA_fRuMfPPIAPCUZ2afu92pveKj-3iVCqTVxr2SJRlKzT0uSe7lMw5xuNClMT7MxXj4f2Ys1tXS15d2t9Z65LZtW1W3A&sig=Cg0ArKJSzBGEabMFXOgMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6D6DE032269D7DA8941F1A2A12A82012
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C4192A715BA6857C19D99BB80E05A4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFC0E3848532FAD347A0F2BA197BC599
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
Frame ID: 9FA492A51C6BC49A61F799191CCBF0A9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QWhaVWXUYggMgaSU&gdpr=0&gdpr_consent=
Frame ID: 8FB4BBD336864EE9CDBEE5A4321D8879
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5AB04B15D7789BB4DCEDAAE030D84A4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:046A5B4EA1F84E47838D8022044A18BE&gdpr=0&gdpr_consent=
Frame ID: 2165003AF4F75D963A8323A048CABBCB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962109473
Frame ID: 2B2F9E278394E989B175D388489AE0F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: E21A89A342FB72A9E41A66B9C9C7754E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: 7F9065E4F5DF70BEC09AE541F86FFC70
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Frame ID: BFE105E0E812D8F7AA62251457218F7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

西甲綜合:皇馬新年首戰失利 巴薩客場一球小勝 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

587
Requests

81 %
HTTPS

25 %
IPv6

121
Domains

203
Subdomains

125
IPs

16
Countries

7822 kB
Transfer

24895 kB
Size

196
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 44
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 45
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 102
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Da1a125df-0438-45d2-aab7-279134ad67b0%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=a1a125df-0438-45d2-aab7-279134ad67b0&p_id=23
Request Chain 103
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=a1a125df-0438-45d2-aab7-279134ad67b0&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=a1a125df-0438-45d2-aab7-279134ad67b0&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bac187e5-310c-4a69-8234-373032cc077a&ssp=prodoohmox&gdpr=0&gdpr_consent=
Request Chain 144
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNCIBI58-6-6WQ8 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNCIBI58-6-6WQ8
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR4TLD8J.Rbq8oGvwfm8gwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1&google_hm=2
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMHwarBTBitU-aItqR5be-k&google_cver=1
Request Chain 164
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5DSUJJNTgtNi02V1E4 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECcDMrs4fqT_xZtQWFKgnAw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DSUJJNTgtNi02V1E4&google_push=
Request Chain 165
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/H1gu4-7vO5PzWoNUPxah7A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_3ByVhE2oIP7vucFIAcDvp1UjPUGHWoT0LYGw--~A
Request Chain 167
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IaS91ZaFSk2x7FYI8S_Qgw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IaS91ZaFSk2x7FYI8S_Qgw
Request Chain 168
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j7kq8jVBTm-BxZhbxYP1hg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j7kq8jVBTm-BxZhbxYP1hg
Request Chain 169
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWZjNGViNmMyZWVkNGM3YTBhM2VjMTA0Y2VmOTNlMTRmYWUwN2IwYw
Request Chain 170
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNCIBI58-6-6WQ8
Request Chain 171
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEi_07KPCYAABjTPVueOA&expires=30
Request Chain 172
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1c4cda93-bcf8-4089-bffa-fbb152e12560&expires=30
Request Chain 173
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNCIBI58-6-6WQ8&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNCIBI58-6-6WQ8&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNCIBI58-6-6WQ8&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS04NFZQcS45RTJ1SFFlZWxtQ3NSWkYwc0hRaC5QS0tMY35B&ovsid=LNCIBI58-6-6WQ8&dpid=58160
Request Chain 174
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNCIBI58-6-6WQ8
Request Chain 175
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNCIBI58-6-6WQ8
Request Chain 176
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8
Request Chain 177
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Request Chain 178
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=54ba79e3-00e4-421c-9c22-df79652b4727
Request Chain 181
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696462604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696469803802&bpp=588&bdt=1124&idt=1057&shv=r20231003&mjsv=m202310030101&ptt=5&saldr=sd&cookie=ID%3Dbe52cc7a3cf7e403%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MbsXnIUhFI-gmNJUL5IpS0FEzUGzw&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&correlator=7029444888328&frm=23&ife=1&pv=2&ga_vid=1774176298.1696469803&ga_sid=1696469805&ga_hid=883655348&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1422&biw=1600&bih=1200&isw=336&ish=280&ifk=404324489&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C31078362%2C44719338%2C44795922%2C31078297%2C31078489&oid=2&pvsid=3123594954541455&tmod=37511433&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ftvhvfma19g&btvi=1&fsb=1&dtd=1077 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 216
  • https://um.simpli.fi/gp_match?google_gid=CAESEDSk9nUQlrDviJ6FS6B1SEA&google_cver=1&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNomrT4jFz1Fe_SP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=046A5B4EA1F84E47838D8022044A18BE&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNomrT4jFz1Fe_SP
Request Chain 217
  • https://a.c.appier.net/gcm?google_gid=CAESEIpJ8bCkBHSyb2t32mzqBUQ&google_cver=1&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQAlR9vteWUZOijCS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RXhRWEdReUdDUU9lSVNXckxoTWVaUQ%3D%3D&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQAlR9vteWUZOijCS
Request Chain 219
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBX9Y8UstqJX3T_iF28XVSM&google_cver=1&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBX9Y8UstqJX3T_iF28XVSM&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90&google_hm=aEUxWWlGYXVtdUxUNVNpWFNxdVE=
Request Chain 220
  • https://sync.inmobi.com/gob?google_gid=CAESEPP-7D7_LpCZRk3XXGvE1C8&google_cver=1&google_push=AXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6ZsbdeIvKO-jP36Z7KeYvqSKTJHZQOhNwFMPK3FplRtekQPfqtbaY-7g HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6ZsbdeIvKO-jP36Z7KeYvqSKTJHZQOhNwFMPK3FplRtekQPfqtbaY-7g
Request Chain 221
  • https://an.yandex.ru/mapuid/google/CAESEHQa-H6WB45MF1Ar3xPISrw?ext-param=AXcoOmTS-5Dyh5kCDcEcz7O74wPY8rVIbDB6MfVUU8TZVnQA02jMP2fNrs6NoX8yPr-iNKwh_iEPDzFW2wJOdLlGVMSDYPTb6j3ukg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEHQa-H6WB45MF1Ar3xPISrw?redir-setuniq=1&ext-param=AXcoOmTS-5Dyh5kCDcEcz7O74wPY8rVIbDB6MfVUU8TZVnQA02jMP2fNrs6NoX8yPr-iNKwh_iEPDzFW2wJOdLlGVMSDYPTb6j3ukg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHQa-H6WB45MF1Ar3xPISrw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 222
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAn85V1SXTjmvQtleTK1msA&google_cver=1&google_push=AXcoOmQm3EZpebZXTjOsht9H1PbpqhOLHcFieS38SOYWQbMwzpXinRvsaE6g27SX5-lRDPac1_c9sxBLPsOinwDQxUOffKSlQWH3Ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4&google_push=AXcoOmQm3EZpebZXTjOsht9H1PbpqhOLHcFieS38SOYWQbMwzpXinRvsaE6g27SX5-lRDPac1_c9sxBLPsOinwDQxUOffKSlQWH3Ig HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 237
  • https://pr-bh.ybp.yahoo.com/sync/taboola/1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
Request Chain 252
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1696469805420 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
Request Chain 254
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696469805420 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
Request Chain 255
  • https://pr-bh.ybp.yahoo.com/sync/teads/1570ba70-3c4c-4fef-b7d2-f465dd2c6a38?gdpr=0&gdpr_consent=&_t=1696469805420 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
Request Chain 261
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1696469805420 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
Request Chain 271
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1696469805489 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
Request Chain 273
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696469805489 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
Request Chain 274
  • https://pr-bh.ybp.yahoo.com/sync/teads/1570ba70-3c4c-4fef-b7d2-f465dd2c6a38?gdpr=0&gdpr_consent=&_t=1696469805489 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
Request Chain 275
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1696469805489 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
Request Chain 290
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 293
  • https://pr-bh.ybp.yahoo.com/sync/taboola/1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
Request Chain 338
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 356
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CmiDvA1ugLoRP4TqCDif7gQ4gLsRbte9BGv1sxzP
Request Chain 357
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3510831004177336434
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHDsVLLckoMofqZu25o2PRY&google_cver=1
Request Chain 370
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 375
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4930783210065455397
Request Chain 376
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HbsArRZHJK9Add47SEa8-pQi
Request Chain 378
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696469809019 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2069554328 HTTP 302
  • https://sync.1rx.io/usersync/turn/4376977297601938432?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
Request Chain 379
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588526728100321
Request Chain 380
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=b620fc49-c1a3-4124-ac4f-0a86a8378871
Request Chain 381
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
Request Chain 383
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIyAiIGOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIyAiIGOAE= HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIyAiIGOAI=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIyAiIGOAI=&buyeruid= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
Request Chain 386
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
Request Chain 405
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4930783210065455397
Request Chain 406
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b396c45d0cc1419d8e4d59e6b7c79f15 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4376977297601938432 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b396c45d-0cc1-419d-8e4d-59e6b7c79f15 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7111c108-b99e-43ea-85ee-d8e78a48b604%3A1696469811.6869104&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7111c108-b99e-43ea-85ee-d8e78a48b604%253A1696469811.6869104%26_%3D1696469811.6889572&cb=1696469811.6889925 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588526728100321&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7111c108-b99e-43ea-85ee-d8e78a48b604%253A1696469811.6869104%26_%3D1696469811.6889572 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7111c108-b99e-43ea-85ee-d8e78a48b604%3A1696469811.6869104&_=1696469811.6889572 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc3MTExYzEwOC1iOTllLTQzZWEtODVlZS1kOGU3OGE0OGI2MDQ6MTY5NjQ2OTgxMS42ODY5MTA0EAAaDQi0pvioBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC67YP5I179Fxh3T7WZyzbM&google_cver=1
Request Chain 408
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5d2ffc1d5e191e&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHuRxlR7zSCAMDlX85AAAAAAA&expiration=1696556209&is_secure=true
Request Chain 409
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7691908098323334144
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
Request Chain 414
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEi_07KPCYAABjTPVueOA&expiration=1697679409
Request Chain 416
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9a51f9863f05423fb39e71b2317e9bee&expiration=1699061809
Request Chain 417
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=40ba6149-2144-4dd8-9659-f5bcf4b09826&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
Request Chain 422
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4930783210065455397
Request Chain 423
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c9fe4365-7f12-45d5-ab24-9a4851336768&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=47386a96-cf22-41d2-b0e2-9458f41308dc&ssp=gumgum2&expires=30&user_group=5&bsw_param=bac187e5-310c-4a69-8234-373032cc077a HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=bac187e5-310c-4a69-8234-373032cc077a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 424
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Jyv0iL7NCXP-aAbSMLCb6XFLIQ8hFXZhJQP4CJNQMBguzw6esNqV4qC-sDDT_xpo%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Jyv0iL7NCXP-aAbSMLCb6XFLIQ8hFXZhJQP4CJNQMBguzw6esNqV4qC-sDDT_xpo%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&obuid=ENC(Jyv0iL7NCXP-aAbSMLCb6XFLIQ8hFXZhJQP4CJNQMBguzw6esNqV4qC-sDDT_xpo)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 425
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=29d79e86-2111-03f4-1c3b-0bd948ed4e0b
Request Chain 426
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8175dfd8-597c-5ea2-4123-d74034804d30$ip$195.206.105.132
Request Chain 427
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jglVPyVE2pcULbGNYewgawY0uypfVvYOJ0DC~A
Request Chain 428
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1c4cda93-bcf8-4089-bffa-fbb152e12560
Request Chain 430
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=hE1YiFaumuLT5SiXSquQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22CFGFMWSRTBOVWXKTCUGVJWSWCTOF2VCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22CFGFMWSRTBOVWXKTCUGVJWSWCTOF2VCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hE1YiFaumuLT5SiXSquQ&us_privacy=1---
Request Chain 431
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e13471e4-f332-4795-8520-2b18f81aa252
Request Chain 432
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=FFtPw5RPtO8r&ev=1&pid=558355
Request Chain 433
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3502985708059721799
Request Chain 438
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=3510831004177336434&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZR4TMQAAA1yYQwA4&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
Request Chain 441
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=47b3d8f2-7696-04f6-03d8-02c3c0bec5a8
Request Chain 443
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 444
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234
Request Chain 445
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3588385148432503341868
Request Chain 446
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fd4b58a756251777045817d32d79c87d
Request Chain 447
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
Request Chain 453
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZR4TMsCo5s4AAMPrLfwAAAAA
Request Chain 456
  • https://cs.admanmedia.com/sync/gumgum?puid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=1f69e953-50fd-46b4-b363-4fcfaf713522
Request Chain 457
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=jzN6RAo0Hm0y9iaLVG5A&pi=gumgum&tc=1
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 464
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4930783210065455397&gdpr=0&gdpr_consent=
Request Chain 465
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=8b8333fa33b7c52376e89630e5b756&gdpr_consent=&gdpr=0
Request Chain 466
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
Request Chain 468
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNCIBI58-6-6WQ8 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LNCIBI58-6-6WQ8
Request Chain 471
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 473
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8785372573
Request Chain 479
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-216224078621457814 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
Request Chain 481
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
Request Chain 484
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6824545069247987902&gdpr=0&gdpr_consent=
Request Chain 485
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4930783210065455397&gdpr=0&gdpr_consent=
Request Chain 486
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fd4b58a756251777045817d32d79c87d&gdpr=0&gdpr_consent=0
Request Chain 487
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 489
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4930783210065455397&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 490
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Request Chain 491
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286282352608606349&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 492
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_78a6957e-0cff-4a44-9ae5-e598e99ceb3f&bsw_param=bac187e5-310c-4a69-8234-373032cc077a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 493
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 495
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 496
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaV8wN0tQQ1lBQUJqVFBWdWVPQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEi_07KPCYAABjTPVueOA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEi_07KPCYAABjTPVueOA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEi_07KPCYAABjTPVueOA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6824545069247987902&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi_07KPCYAABjTPVueOA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 497
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU57b3d93681b349868f2d1466565d6283
Request Chain 499
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526728100321 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Request Chain 501
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8340022359660435394 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 504
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T96xjFjgSqqE0GIThltI7Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 508
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=&ct=y
Request Chain 509
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=193833061
Request Chain 510
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTZlcnd0dTVXRVhURmFIaGs0b0lnU3AxZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3510831004177336434&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEZERUIxOEMtNThFMC00QUFBLTg0RDAtNjIxMzg2NUI0OEVE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 512
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGP1zaxSnBtKXxWE7AtVI08&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 514
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3510831004177336434 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 516
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RsFr7.pE2uV8ktuZrbQE1wiSgR08_kw-~A&gdpr=0
Request Chain 518
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348&gdpr=0&gdpr_consent=
Request Chain 519
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3db917ee4b5c1937&is_secure=true&networkId=17100&version=1&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI9U1sk9P0LwNJzh6XAAAAAAA&expiration=1696556210&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 520
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4376977297601938432&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 521
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:78410c84-3107-4d4d-9a08-bb01f39f3460&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 522
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3510831004177336434
Request Chain 523
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/8b8333fa33b7c52376e89630e5b756?gdpr_consent=&gdpr=0
Request Chain 526
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
Request Chain 531
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNCIBI58-6-6WQ8 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LNCIBI58-6-6WQ8
Request Chain 569
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d4b054263aafa086/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QWhaVWXUYggMgaSU%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c76db39f7b0eba68328c081240eacf41&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DEcv7Kmx8QWhaVWXUYggMgaSU%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QWhaVWXUYggMgaSU&gdpr=0&gdpr_consent=
Request Chain 571
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:046A5B4EA1F84E47838D8022044A18BE&gdpr=0&gdpr_consent=
Request Chain 572
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962109473
Request Chain 575
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 576
  • https://pixel.onaudience.com/?partner=214&mapped=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

587 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
www.bg3.co/a/ 		54 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b85e0364f0e531e77a478777cdde2c40eb0ac93c126a3bc6c19f922e4135b134

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:41 GMT
etag
"d6ea-0xjPoaVaVRRSKuolLkToNS3bx+I"
expires
Thu, 05 Oct 2023 01:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 01:36:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73066
x-xss-protection
0
server
sffe
etag
"1743d73101b212e4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Oct 2023 01:36:41 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c827a216d3b126750b0202c5793003f24d6002f21ff2300200c6019829929e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 01:36:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9658
x-xss-protection
0
server
sffe
etag
"642b972f2c805cc6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Oct 2023 01:36:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4445f8b4aa90508060b51297d772e8dc523bd985cd21c612d692738eab9c46d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29484
x-xss-protection
0
server
cafe
etag
989 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:41 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37727a6044b9f7422f009a879c6be69420b1d72243bb2f8a3fb7e2f1239848c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Oct 2023 01:36:41 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 13:15:45 GMT
server
cloudflare
age
9977
etag
W/"651d6581-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8111ef63a9ee39c7-FRA
expires
Thu, 05 Oct 2023 10:50:24 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 05 Oct 2023 01:36:41 GMT
content-encoding
br
age
43493
x-cache
HIT
x-client-device
desktop
content-length
10032
x-ap-device
DESKTOP
last-modified
Wed, 04 Oct 2023 13:22:42 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Thu, 05 Oct 2023 02:36:41 GMT
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 05 Oct 2023 01:36:41 GMT
content-encoding
br
age
403056
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Thu, 05 Oct 2023 02:36:41 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3414be21f73e767f8f31b5aeedb8911fca0c04029b9eeef7ee7aabf187cef41

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zpRItq_vvCOogn6cdIN4z.0yKbxGOzfT
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:41 GMT
x-amz-request-id
78AXCF3CVRJA4FV6
age
100
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55236
x-amz-id-2
nc6RSRZkTHlJg/G0ltxXjed1/D2aiOk2jJNbzbw0sAofZ/snTj+IuJdhe3c9ymhAItcOhYgpogM=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 11:12:49 GMT
server
AmazonS3
x-timer
S1696469802.696700,VS0,VE0
etag
"db6efba72016c53ea0fe8d175722606f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
77
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10924
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkIqIgmZfv38Rfiv3iiUZjqbXC8k3Fus9E6SgQiY4MDGyehxVDomHThtzuGrxRmiLx2EbyjSyddavipaTuIA1G3oLhpB%2F3Hh4NkF%2BMPIfUFYuzg8%2B%2B5Fn3AD%2FpoRddXlfDKSeTlWwswiagjBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8111ef681cf39b4b-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		413 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
36287
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 15:31:55 GMT
t.php
c.statcounter.com/ 		192 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=861AECDC810B4F444D2BF1039541D3D7&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&t=%E8%A5%BF%E7%94%B2%E7%B6%9C%E5%90%88%EF%BC%9A%E7%9A%87%E9%A6%AC%E6%96%B0%E5%B9%B4%E9%A6%96%E6%88%B0%E5%A4%B1%E5%88%A9%C2%A0%E5%B7%B4%E8%96%A9%E5%AE%A2%E5%A0%B4%E4%B8%80%E7%90%83%E5%B0%8F%E5%8B%9D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2886&sc_rum_e_e=2893&sc_rum_f_s=0&sc_rum_f_e=2328&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8111ef67acb739c7-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
8da21c35dec9615f394d66cdd2aadf56.jpg
static.bg3.co/imgs/202204/ 		0
0
5a654cee70484d2296d24238fa7cdaad.jpg
static.bg3.co/imgs/202011/ 		0
0
44711896d5f091b0f04a5014c731d6e3.jpg
static.bg3.co/imgs/202105/ 		0
0
36fbeb3a5b7bd9a27b6e50a45d8bea4b.jpg
static.bg3.co/imgs/202105/ 		0
0
360780741ba4695115bc9d8bd09aea66.jpg
static.bg3.co/imgs/202105/ 		0
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1669171
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696469803.503923,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 16379
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1231702
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696469803.504006,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 694470
impl.20231004-3-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5e14b07ae2816b7391fefcf4392d022a706f5440a626231359b14bd513fa7f46

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Nmgd5KHA2MEtFmBenH3d6g505aIn_cJT
content-encoding
br
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:42 GMT
x-amz-request-id
VXWFEM3EDJCGT0XH
age
27170
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171895
x-amz-id-2
xJ82NthMgGGeD4+Amxj7Of1ZBBbTCkvIrHJ62W8vcne6hrkrOrzJ/fmamfUjtDtlNOdU8UGVAy0=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 10:02:46 GMT
server
AmazonS3-br
x-timer
S1696469803.519259,VS0,VE0
etag
"e50630579d335356fcc1b4ce890a811b"
vary
Accept-Encoding
content-type
application/javascript
abp
21
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
39221
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309181453000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 03 Oct 2023 20:49:09 GMT
age
103653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"38f77e2398a961a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 02 Oct 2024 20:49:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309181453000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 03 Oct 2023 20:49:09 GMT
age
103653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3930
x-xss-protection
0
server
sffe
etag
"2c64beef00f20bbc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 02 Oct 2024 20:49:09 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3a20&_p=760036858&cid=1774176298.1696469803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696469802&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=%E8%A5%BF%E7%94%B2%E7%B6%9C%E5%90%88%EF%BC%9A%E7%9A%87%E9%A6%AC%E6%96%B0%E5%B9%B4%E9%A6%96%E6%88%B0%E5%A4%B1%E5%88%A9%C2%A0%E5%B7%B4%E8%96%A9%E5%AE%A2%E5%A0%B4%E4%B8%80%E7%90%83%E5%B0%8F%E5%8B%9D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13669
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FrpW0A2kjsx7TjHJYpdHj2gr%2BQpZl7jEgB2cWlVEtIpgqFhmd4jfeh62uHOHLgMc51mfvDynTOQQOiPa9M2Frf58veWMZt8CA1TuvcHRryvgv96SfQbr2Icqy3%2FI2nWTCHP7ODsCdi7VyoR%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8111ef6abe729b4b-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
45d88d2a04660c581b9bc3db3ea8cdae586d9424c48c60956a1142e9fabc9a1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1652352362661859&correlator=365436786528491&eid=21065725&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696469802796&lmt=1696462602&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1774176298.1696469803&ga_sid=1696469803&ga_hid=760036858&ga_fc=true&dlt=1696469801429&idt=1290&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2463f27e9907ec7ae42d30240a78616038fa7cc20cae193c1dc489a7140114c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12518
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEBE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:42 GMT
expires
Fri, 04 Oct 2024 01:36:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3908511950955662&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:43 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
age
1764339
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 01:36:42 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
age
4732624
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 01:36:42 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 05 Oct 2023 01:36:42 GMT
content-encoding
br
age
1764339
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 01:36:42 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY0Njk4MDI5MTAsInBhY2tldElkIjoiMDAwMEE3MDEtOTQ0OWQ1N2MtMTNjNy00ZjVkLTgxMzMtMzY1NTYzOTEwYjA5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWppYS16b25nLWhlLWh1YW5nLW1hLXhpbi1uaWFuLXNob3Utemhhbi1zaGktbGktYmEtc2Eta2UtY2hhbmcteWktcWl1LXhpYW8tc2hlbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3641.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1696469803049
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 04 Oct 2024 01:36:43 GMT
date
Thu, 05 Oct 2023 01:36:43 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
4199479
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
view
securepubads.g.doubleclick.net/pcs/ Frame 46F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3IbpN1mQ28K0AodN8CthWCjaNled1cwYMUGgQ1jf4yVKbKj93KPsE6tVCWKQ_mg7c6PtiiQatqs-P2_xHbKi210m6s97jfxlxizqZ72fFpYOmjKwDj1UUennQwAtR2I_5Bn_g6C8rpVgQ89ygFPLJMAPvGo1oyKdXu-t83L0sKRhQSaBlySDuho_mHNwER1rPCstPSDeBdNKifWp1Q7lVBouCfaczyJ2fu2BX3ixEhrDU-1b_AZsbsMaF7KwDT0Fq8r2xJ_3mohGOEYs21CDtGHhHlrO_LXjDyWOT6wIvZ5_9nNUJhLwJe6ixEuRcGLMSgg&sai=AMfl-YQWMdkM7xReH1qU5ptz5c9amZyZmMYrZPoPr_iS_pPEin9Y7TeGG5ndxqLetShCkCJn9bL6OkcK5uDwU8kA2thaaxYAU_V4mVYrACN8L4O6nDGiVFKcFvwR0PuPy8OekLOc-E591fFSaVTeG2Wa&sig=Cg0ArKJSzJmJcpB5x5TEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:43 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46F5 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:43 GMT
sync
gum.criteo.com/ 		46 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2022059
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		74 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=03%3A36%3A43.170&lti=deflated&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696417957700%2C%22vi%22%3A1696469803166%2C%22cv%22%3A%2220231004-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html%22%2C%22vpi%22%3A%22%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2862%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1702.421875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1044511ad5afac1b13740cd5edad7f3821f9e5e907a29c61877cf2e1ef547192

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
261
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.3927083333333334
x-fastly-to-nlb-rtt
64265
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696469803.192216,VS0,VE261
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY0Njk4MDMyMDksInBhY2tldElkIjoiMDAwMEE3MDEtOTQ0OWQ1N2MtMTNjNy00ZjVkLTgxMzMtMzY1NTYzOTEwYjA5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWppYS16b25nLWhlLWh1YW5nLW1hLXhpbi1uaWFuLXNob3Utemhhbi1zaGktbGktYmEtc2Eta2UtY2hhbmcteWktcWl1LXhpYW8tc2hlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3943.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY0Njk4MDMyMjIsInBhY2tldElkIjoiMDAwMEE3MDEtOTQ0OWQ1N2MtMTNjNy00ZjVkLTgxMzMtMzY1NTYzOTEwYjA5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWppYS16b25nLWhlLWh1YW5nLW1hLXhpbi1uaWFuLXNob3Utemhhbi1zaGktbGktYmEtc2Eta2UtY2hhbmcteWktcWl1LXhpYW8tc2hlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3956.6000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY0Njk4MDMyMjksInBhY2tldElkIjoiMDAwMEE3MDEtOTQ0OWQ1N2MtMTNjNy00ZjVkLTgxMzMtMzY1NTYzOTEwYjA5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWppYS16b25nLWhlLWh1YW5nLW1hLXhpbi1uaWFuLXNob3Utemhhbi1zaGktbGktYmEtc2Eta2UtY2hhbmcteWktcWl1LXhpYW8tc2hlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3960.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1652352362661859&correlator=2788990716693808&eid=21065725&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dbe52cc7a3cf7e403%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MbsXnIUhFI-gmNJUL5IpS0FEzUGzw&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&arp=1&abxe=1&dt=1696469803238&lmt=1696462603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1774176298.1696469803&ga_sid=1696469803&ga_hid=760036858&ga_fc=true&dlt=1696469801429&idt=1290&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_18_0_pv%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83eee0a6397a7925930434db9f5c205b9ed8ce4dfcf0da83f5888a944b9eb65c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17072
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
47423
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13159
x-xss-protection
0
server
cafe
etag
16611791723324671441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 12:26:20 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 876F 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
11158
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8111ef6ea85c2c26-FRA
content-encoding
br
content-type
text/html
date
Thu, 05 Oct 2023 01:36:43 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNOfNs3Zkn1qaG1m%2FjzdGiDuepF2SbOaVoU5tY%2F21Ermu5L5ciff9sYrFgZr8iv9w1CX6bEL3wUF5iVpXlhviRKDpBa0R2OW2L9h5zyFZUlPgqnTKpjcQkwZW25YdOWgFHqNAmpEK48X7EziRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 01:36:43 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Oct 2023 01:36:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Thu, 05 Oct 2023 01:36:43 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY0Njk4MDMyMDksInBhY2tldElkIjoiMDAwMEE3MDEtOTQ0OWQ1N2MtMTNjNy00ZjVkLTgxMzMtMzY1NTYzOTEwYjA5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWppYS16b25nLWhlLWh1YW5nLW1hLXhpbi1uaWFuLXNob3Utemhhbi1zaGktbGktYmEtc2Eta2UtY2hhbmcteWktcWl1LXhpYW8tc2hlbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4052.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3707 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13ea151f5e852f00a460542b379f0a01d456a7cdcb8b1a498184c85db0233d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7882
x-xss-protection
0
server
cafe
etag
16112401198135545503
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:43 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 12 Oct 2023 01:36:43 GMT
truncated
/ Frame 46F5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ee9f8507b0df9e1f67b8b46f8c5974390b83edf7ce0178aa4fe760a2300fb56

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 46F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKzf88fIeCu1SUny3VkvCN86UJgzun3aBaf6H0pOIiBpmT_a5CyLqj-J6RI3YX8pehpNWU4HzY_XQGhfLPedrHbnRS6hiNL7ibh-4XHTVNsQeoA98bRjPoAmT0CKjkmabA-uz14Kd7y8dgdlH1Q8jP_y1TkeUSpIhI23b_Nl5HzsyHkmU35k5YKJywN39Zc_1CUxLJIQkC7dpJAxKq6RWYxnws_Pr8U8YgQEHep6GcEioF5WkYWPDXsc_QHAvRJRxvpRMpspmeOF4fID6zFupP9fgq1FnsY7usLwYQ62CTRfjSFfMHci_bnexmF5iip83H4Siy&sai=AMfl-YS43vXc2xyRFx06-NFid2k4xmwBg9AAexgk3asflZ-Qhcnyx4zfWLc-7onmKbTE9ewkqsl27I3vnc22_TcHV01M0FL1tyoS7nUURE63z-6GtAIwgL8QgnFLrkrfJOjnH7orMqvMVupf9K2aI_R_&sig=Cg0ArKJSzM58C18f9G8hEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 876F 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
160e31480ff98acc7bfae34d07797f6e1a81bce9bfa2a9f738df41e3d23ad8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29410
x-xss-protection
0
server
cafe
etag
578 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:43 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231005
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b2d4771eca82fee71c88c5479912851b57a6517186ff9bfd37c18ed6dda256e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34553
x-jsd-version
1.0.1833
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-gFu3ByDRxha2UNDC3sAy6zaGyqw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JpQzcnU9tMKdOz7vbDFmHdh%2BogDrUb4ZLmKDj2g%2BdnPFbGetoGKbo6j9eZVQRHXXVVC6RX%2FZtdY4OwgeswzYLj6fNFd1aGKxnxX5%2BBFe4dGLdbxx9rzbd3x9e7geDWL8cTi9ut0cFjDgFYWYOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8111ef7018ba0221-ZRH
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 05 Oct 2023 01:36:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
21da260a17ffdeb8ae837497d34cd8e0b605def8c778930d1a7421190aca1192

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=741a1e32-b624-4ba6-89b9-f048d734071c%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%A5%BF%E7%94%B2%E7%B6%9C%E5%90%88%EF%BC%9A%E7%9A%87%E9%A6%AC%E6%96%B0%E5%B9%B4%E9%A6%96%E6%88%B0%E5%A4%B1%E5%88%A9%E5%B7%B4%E8%96%A9%E5%AE%A2%E5%A0%B4%E4%B8%80%E7%90%83%E5%B0%8F%E5%8B%9D&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=aacdd812-48e1-456a-a06d-846c674e0358%3Bc3c479ef-0b6b-4408-a177-a99a9d6a80a3&l_pb_bid_id=5daa4b92c6dbc6%3B61063242a377c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=aacdd812-48e1-456a-a06d-846c674e0358%3Bc3c479ef-0b6b-4408-a177-a99a9d6a80a3&rp_maxbids=1&slots=2&rand=0.4588950586375513
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b4278927334fc311c530af36923dfcad7d0d06b1757f204b5898678dea4c9fd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8111ef706f00921a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8111ef706f05921a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.26.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-26-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
10
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.126.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-126-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		2 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a15c16ca9475dfb94ef179b5cbc9094f456f6215cb007d00cec499c735fe1622

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
467
expires
Thu, 05 Oct 2023 01:36:43 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=76565297894&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 05 Oct 2023 01:36:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.110.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-110-88.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
76787ae0888fcb5ea843a295eed194941c207376f954d980e6db49a4c7cac114

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Oct 2023 01:36:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d851e6c8c8a6e73b6d2721055e916904bc5b84842a47890616d7b2e0632f563

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Oct 2023 01:36:43 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4dec0ebd0d1ac85f1b558fd7653aa8e246d435796243fd3e886ff8f015be71ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
an-x-request-uuid
47af96f8-76b4-46a9-9b20-ad7d307f4551
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		981 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10057
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eacb66affcda009d1ff835d6c51805ff0cec4e517b30fd6335308e314aa62da7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8WqbIwXjFbZpIGzZU2gfjwnMTAqouskzlEgQAgRwClyz5Hn7j5KGHlMMeCEt2nGGyK1n3gnj0lyOD4gWJXTlAj0e8tD%2FZiWKa0inasmaxlk8EZQvOyrtyzP6pLvGqPsXpXxryKT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8111ef70ac9124c2-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e1f5ecdf52c51a78a4a676504b355bfe8adcd95ebad6e2cdf3f14764ce87d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQNCDUkO8rPlNTc4zqif58jdUeNrSBcvDJ%2Bx4ztQRNno1FtJ%2FwT8aGqpq%2F3uumC0E%2B1afks%2BDNDOTdaItvVzMDW3zikEsk5SAqUURuV51HgaNfGrSVSdjFF3%2BviFkSQYKgOp7oX0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8111ef70ac9424c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e1f5ecdf52c51a78a4a676504b355bfe8adcd95ebad6e2cdf3f14764ce87d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmkmM2e5EaAlYtQyNCA9qALFmGO2Bxi95c7c8IjW%2BSFeK9cw0NwIA%2FjuPWbsor7wvx%2BQJpZ7bp2bMGurgGGdmgSzkWnkzHFEt%2Fm53ziwtvFr5APENHmH8eIBeVfIVPqO8G%2Ban1tc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8111ef70ac9524c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7c859979be444e15b0bed90c9d467f8cfe3feacc4d577471af31a0c6c2261851

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 05 Oct 2023 01:36:43 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 05 Oct 2023 01:36:43 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
impress
ad.vidverto.io/delivery/ 		51 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&referrer=&async=1&uid=2362556543&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3db25eb80fb4d90ab88453d07eb9edf46a58d231f2687521992ce047970c6d61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
floating-unit.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dba4c7a4241813f1b6b59466b158b457d5d19d0e077ba462c32b461a92fa6981

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
aLU4h.GU_OrJPeonP4fxeywVxsAsXZoS
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
SRY58V9XR94X74MS
age
36015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
yDwf+X2J3NfBpJL8puGh/zdYQs6vCoRm0eWaQQkqUQIAB/okmzCfmdzT9JGTK8jlkwmKd04J981NLQQ3W0Y34w==
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:28 GMT
server
AmazonS3
x-timer
S1696469804.681897,VS0,VE0
etag
"735379e861b0436a54e91324afb58e35"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6786
taboola-vignette-new-scanning.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f8c39761a2d5d2a4eb17d0be6c55e98155b90eabc14041917a0ea678972eb24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hSVyVEERM5I9flsD3o5R.tkndAlcraQj
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
F9VGK9D619AEJ72M
age
35997
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
znao0ov2L0Q0oDK2T8TlknYAUPEmcoqhMWy2wUjX/IEA8QLAZ1UGBMl8MOxrYPvgwssKaFaGSHY=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:47 GMT
server
AmazonS3
x-timer
S1696469804.686601,VS0,VE0
etag
"d41cad72ee8c9ced90f01fb3517060d8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5334
distance-from-article.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e1c3e69122803c91a2eded9f6314186402f803ef02bc59ab6d7daf552eb3ab9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5NyKZyGoKf6bOXPk23aq1ZCUVzqo2.lq
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
DZCPH25199R71S4A
age
36025
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
jzs58medzlwDEFmbdEh6Iin5othO4LgLlVjBvjGcFYkIY07LYCVafipVGiFYvdRrEX4eVmrJd0c=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:18 GMT
server
AmazonS3
x-timer
S1696469804.702332,VS0,VE0
etag
"ddfe3742ee804180ca2e64c4d8dc8511"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
67192
article-detection.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51dd69ca045ea64d77efb10676300f5d217f6034fb6b0bea7b6acba97a21e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_PKNBgoOxZdj0LBxcoD8zREMEdGr3hPN
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
3401Y03EM58S2TM9
age
36032
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
g6uVl/kcC5NTKhFLRTvNfgbIZdPO1Gn/xM4SUP/3MApUYGKdJqrG1thnpbCrenuyWcUHkoRJb+0=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:12 GMT
server
AmazonS3
x-timer
S1696469804.710461,VS0,VE0
etag
"8ee7ca486cc7e5ddba5e5e24a3fb8065"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
67183
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.9/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
140346
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34324
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 03 Oct 2023 10:37:22 GMT
server
AmazonS3
x-timer
S1696469804.773182,VS0,VE0
etag
"1181e33be6e95d56261bd3572bdb31d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
VnOQqcgNvJd8krScFwjdojRzByzEWPAhjW_3PNjOf14jCRgoMvbOeA==
x-cache-hits
18600
feed-card-placeholder.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfbb8822dd512114019f9b4fd21800f666fdd6c179362107620012adf48ae119

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DamHAHe6KF7CBajMbIGr0QL.Zr4Aw9x7
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
73176TNKC69TMJB0
age
36020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
A+LJeXPJeVML5Y9UtnPBl9dezQUilX5gDJ04WeT8Zsl3IKKtOhKWf1KSitBLTR7ngLF/x42yeGk=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:23 GMT
server
AmazonS3
x-timer
S1696469804.710508,VS0,VE0
etag
"0ae3935e92c9197b525f32d8ce4f5e55"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
62358
userx.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5bb9c7cf64cecd0059e881cd85726c0b95541e6c14a789404eb4f3fa7201b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CJKtJTpn4RqTm8W8Z7dQWoegfYZNH0SF
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
2SQY6W13F4057X20
age
35993
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
WJyhOr7D/9vu/wTnnFZOmA6dThGZ95s0yDq3pm09ShPHmdQa+iyUe+xdbD4iLSjDT5C6jRC5qmI=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:51 GMT
server
AmazonS3
x-timer
S1696469804.718369,VS0,VE0
etag
"1468bc1c4f0cf767a7b157a1f7d3f2de"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11096
explore-more.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcd4aa96d858f0fad7a717213c7cb2c8378d81795aaeed31580a859d4739be97

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
agqdhLLZu1hIrkeU1cgYsI8rhdIubN3X
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
P4343DJ0HF9WGQJ3
age
36022
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
soiy1UMmuxQxkrcgWs/qgIXsjtMaeAhgPXi8zgFuT761Lvogw8ojhDlx2PS1VNEVHkVpI8+NkAI=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:22 GMT
server
AmazonS3
x-timer
S1696469804.740456,VS0,VE0
etag
"4632ea102713106a89a4fe96594582aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
59
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33880
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=03%3A36%3A43.674&id=9586&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696469803678%7D&tim=03%3A36%3A43.679&id=4439&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696469803689%7D&tim=03%3A36%3A43.689&id=3980&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A36%3A43.731&id=1892&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A43.741&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9871&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70157
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A43.743&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=2560&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70157
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A43.749&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2457&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71304
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A43.750&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2597&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71304
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A43.755&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=826&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71304
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:43 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
96
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696469804.767487,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
55
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
21
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3707 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e13c1d33dbffe4c778fa2b133363988b8c7a4de94a4ba64b4034f5d994aa13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51197
x-xss-protection
0
server
cafe
etag
10191979701277831857
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:43 GMT
usync.js
eus.rubiconproject.com/ Frame 2B34 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 00:24:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82136
Connection
keep-alive
Content-Length
10463
Expires
Fri, 06 Oct 2023 00:25:39 GMT
/
onetag-sys.com/usync/ Frame 2885 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:43 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=f923843e82ffefd5e27bf434aa4bee22
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
30d4b5c37756882cba7485ed2fb9aa7584706169e009301a994501fe42d79759

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-160d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		284 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 11:42:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fefd1c-47038"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:43 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Da1a125df-0438-45d2-aab7-279134ad67b0%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=a1a125df-0438-45d2-aab7-279134ad67b0&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=a1a125df-0438-45d2-aab7-279134ad67b0&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=a1a125df-0438-45d2-aab7-279134ad67b0&p_id=23
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=a1a125df-0438-45d2-aab7-279134ad67b0&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=a1a125df-0438-45d2-aab7-279134ad67b0&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bac187e5-310c-4a69-8234-373032cc077a&ssp=prodoohmox&gdpr=0&gdpr_consent=
42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bac187e5-310c-4a69-8234-373032cc077a&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bac187e5-310c-4a69-8234-373032cc077a&ssp=prodoohmox&gdpr=0&gdpr_consent=
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:43 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Thu, 12 Oct 2023 01:36:43 GMT
c8501ffcb32e1e66595bac99c61cf0a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
630a3f8a077b1f48b86683c02eae35cc0dfcf765b0e82fb8381b610cdd6e47c8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
age
4122867
edge-cache-tag
466370907613478688840362783371873638964,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
466370907613478688840362783371873638964,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
461
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.3dpchip.com/
content-length
42638
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kiad7000055-IAD, cache-lax10655-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 26 Jul 2023 03:05:05 GMT
server
nginx
x-timer
S1696469804.040555,VS0,VE1
etag
"7cbe2f20fe9fdab8c0b64832bec32b24"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 10, 1
c8501ffcb32e1e66595bac99c61cf0a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad642383b56f966a70bfc92c9b64bcee93164f4ddf14219ff931f4b26f62ee66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
age
2432839
edge-cache-tag
466370907613478688840362783371873638964,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
466370907613478688840362783371873638964,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
276
req-referer
https://ibctamil.com/
content-length
28844
x-request-id
c29113c500c414698fbb202fa7686e23
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100059-IAD, cache-iad-kiad7000058-IAD, cache-iad-kiad7000113-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 04 Sep 2023 15:38:36 GMT
server
nginx
x-timer
S1696469804.040362,VS0,VE1
etag
"5612c1f44007909d1700928314cefc33"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 19, 1
d-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba12ea8892db99045977b015ae33b22b37a9d601c448e953e3e69fae95bab251

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
age
4781577
edge-cache-tag
525360527400017089352312631480807630068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
525360527400017089352312631480807630068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
370
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.semana.com/
content-length
8220
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kjyo7100170-IAD, cache-iad-kcgs7200082-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 17 Jul 2023 15:32:21 GMT
server
nginx
x-timer
S1696469804.040163,VS0,VE1
etag
"93f600355b9def4c0d7f362b8781c572"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 271, 1
fd60ba272e6990d0bd21be3361a1ee3f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd60ba272e6990d0bd21be3361a1ee3f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
759b9e1dbefd25c960d9a55485f678003177c9ab30f64f1dd099c5953e41f56e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd60ba272e6990d0bd21be3361a1ee3f.jpg
age
3950671
edge-cache-tag
453053457951794540492673380182346325272,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
453053457951794540492673380182346325272,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
189
expiration
expiry-date="Tue, 19 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
24318
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000111-IAD, cache-iad-kiad7000062-IAD, cache-iad-kcgs7200061-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 19 Aug 2023 08:35:10 GMT
server
nginx
x-timer
S1696469804.040361,VS0,VE1
etag
"a344261e63496479d654e7fe56e14efb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 17, 1
6ad0d66bc1b961b58aa80dadfe584643.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76f9104a732edcd1aaad9885e0943715afb075b48e92a74b75b615a7e388ad71

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
age
2369925
edge-cache-tag
509418211262262279348746900157515220070,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
509418211262262279348746900157515220070,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
165
req-referer
https://jvpnews.com/
content-length
27312
x-request-id
33e03eb0b88f7cc374efce2fb17c26a1
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kcgs7200135-IAD, cache-sna10745-LGB, cache-iad-kiad7000174-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 07 Sep 2023 15:17:51 GMT
server
nginx
x-timer
S1696469804.040528,VS0,VE1
etag
"2824b45cb476e3006b3ae4d0600cdf7f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 12, 1
UCQ9dJ.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imagizer.imageshack.com/img924/4399/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imagizer.imageshack.com/img924/4399/UCQ9dJ.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
83fbf1c6d21681b93051a598abe8903c7bc8569f8795d8782976346d370c6abe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imagizer.imageshack.com/img924/4399/UCQ9dJ.png
age
1940337
edge-cache-tag
613628874034191020579178794311626833964,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
613628874034191020579178794311626833964,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
71
expiration
expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
11488
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100107-IAD, cache-sna10747-LGB, cache-iad-kiad7000174-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 25 Aug 2023 16:23:35 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=25662
x-timer
S1696469804.040381,VS0,VE1
etag
"3035e20ec071921ef7aca0f7d143cf6f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 31, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f7ffef8f085a2c56250bba51835fbb0d64cd1f1b1c898e88179d8febb1fd62a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
2794981
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
100
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.readbakery.com/
content-length
8080
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000089-IAD, cache-lax10669-LGB, cache-iad-kiad7000113-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 16 Aug 2023 14:09:57 GMT
server
nginx
x-timer
S1696469804.065148,VS0,VE1
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 212, 1
c8501ffcb32e1e66595bac99c61cf0a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
429791f9f595711b26b12895436e8fadfa7790d04dab7e3a225f6fd01fcfe1f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
age
3766710
edge-cache-tag
466370907613478688840362783371873638964,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
466370907613478688840362783371873638964,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
229
expiration
expiry-date="Tue, 19 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mexico.as.com/
content-length
32924
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200134-IAD, cache-iad-kcgs7200134-IAD, cache-sna10739-LGB, cache-iad-kiad7000136-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 19 Aug 2023 07:39:00 GMT
server
nginx
x-timer
S1696469804.069506,VS0,VE1
etag
"de233231ccdcb5d56bf908aaedb2e39e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 17, 1, 1, 1
6ad0d66bc1b961b58aa80dadfe584643.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9da30b225be90fc0c101b01ab32d181acc00d9c62de5d1b919ae56faf6e5addf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
age
2305102
edge-cache-tag
509418211262262279348746900157515220070,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
509418211262262279348746900157515220070,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
176
req-referer
https://www.giga.de/
content-length
31284
x-request-id
a6f7d6f16c4105edee8a0e9c9b9ba2f7
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100095-IAD, cache-sna10750-LGB, cache-iad-kjyo7100031-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 07 Sep 2023 15:18:00 GMT
server
nginx
x-timer
S1696469804.070242,VS0,VE1
etag
"69d0e607ef97e5187cd6fc23e6eacb02"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 27, 1, 0, 1
d-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d7ee0e73089af7c98fbd11ba883051e4e759a24d0e2787e991c1595b5cb9dd5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
age
4781578
edge-cache-tag
525360527400017089352312631480807630068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
525360527400017089352312631480807630068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
315
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.giga.de/
content-length
16436
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kiad7000151-IAD, cache-iad-kcgs7200090-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 17 Jul 2023 15:32:21 GMT
server
nginx
x-timer
S1696469804.074988,VS0,VE1
etag
"93f600355b9def4c0d7f362b8781c572"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 122, 1
fd60ba272e6990d0bd21be3361a1ee3f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd60ba272e6990d0bd21be3361a1ee3f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bfedcc9a341630205f4fdad1b394786da6b1aa754cd85bdd177777824163af50

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd60ba272e6990d0bd21be3361a1ee3f.jpg
age
836863
edge-cache-tag
453053457951794540492673380182346325272,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
453053457951794540492673380182346325272,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
323
req-referer
https://www.kleinezeitung.at/
content-length
58254
x-request-id
623cefff2274a2c1fdc886b1bac6ba65
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000111-IAD, cache-iad-kiad7000153-IAD, cache-iad-kiad7000092-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 20 Sep 2023 17:57:51 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=76922,owidth=1000,oheight=600,obytes=446499
x-timer
S1696469804.083304,VS0,VE1
etag
"a344261e63496479d654e7fe56e14efb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 16, 1
container.html
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2768 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:42 GMT
expires
Fri, 04 Oct 2024 01:36:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:55:25 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2989
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
bCuDZvwQ49N2ondvPld08B5XY--hC4n-YZiIvOsVn2kg01lTKtYF6g==
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aS1qaWEtem9uZy1oZS1odWFuZy1tYS14aW4tbmlhbi1zaG91LXpoYW4tc2hpLWxpLWJhLXNhLWtlLWNoYW5nLXlpLXFpdS14aWFvLXNoZW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS05NDQ5ZDU3Yy0xM2M3LTRmNWQtODEzMy0zNjU1NjM5MTBiMDkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMzdhOTk4OWYtMzkxMC00OGVkLWI0YjAtZDBjZjJhZjMzNTUyIiwidGltZU9mQXVjdGlvbiI6MTY5NjQ2OTgwMzQ3NiwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzY0N2ZjZTYzMjM5MTI5Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM3MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY0Njk4MDM5MTZ9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc2NDdmY2U2MzIzOTEyOSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTd9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjM3YTk5ODlmLTM5MTAtNDhlZC1iNGIwLWQwY2YyYWYzMzU1MiIsInRpbWVPZkF1Y3Rpb24iOjE2OTY0Njk4MDM0NzYsImJpZHMiOlt7ImNwbSI6MC4wNCwiYWRJZCI6Ijc1N2MzMmZiNzI2ZTIxNCIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM2NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY0Njk4MDM5MTJ9LHsiY3BtIjowLjYsImFkSWQiOiI3N2E0ZDI4YWU2YjM3NmYiLCJvcmlnaW5hbENwbSI6MC42LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwNiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTU2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjQ2OTgwNDA2M30seyJjcG0iOjAuNiwiYWRJZCI6Ijc4OWZhNjUzMmVmZTE4YiIsIm9yaWdpbmFsQ3BtIjowLjYsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDA2LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NTYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NDY5ODA0MDYzfSx7ImNwbSI6MC42LCJhZElkIjoiNzkwYWRiYWM2MzVlZDA2Iiwib3JpZ2luYWxDcG0iOjAuNiwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU1NywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY0Njk4MDQwNjR9LHsiY3BtIjowLjYsImFkSWQiOiI4MGE2Y2MxODY3NjM1YjIiLCJvcmlnaW5hbENwbSI6MC42LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwNiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTU3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjQ2OTgwNDA2NH0seyJjcG0iOjAuMywiYWRJZCI6IjgxMjZiNjJkMTU0MzllNiIsIm9yaWdpbmFsQ3BtIjowLjMsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NTgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NDY5ODA0MDY1fSx7ImNwbSI6MC4xMDcwOTEsImFkSWQiOiI4Mjc2NDFjM2VjNzc2ZDUiLCJvcmlnaW5hbENwbSI6MC4xMDcwOTEsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAxMDcwOTEwMDAwMDAwMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTczLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjQ2OTgwNDEwNX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzdhNGQyOGFlNmIzNzZmIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDZ9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4902.200000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame 876F 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
36289
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 15:31:55 GMT
khaos.json
token.rubiconproject.com/ Frame 2B34 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1652352362661859&correlator=569579918340496&eid=21065725&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbe52cc7a3cf7e403%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MbsXnIUhFI-gmNJUL5IpS0FEzUGzw&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&arp=1&abxe=1&dt=1696469804259&lmt=1696462604&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1774176298.1696469803&ga_sid=1696469803&ga_hid=760036858&ga_fc=true&dlt=1696469801429&idt=1290&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.60%26hb_ap_adid%3D77a4d28ae6b376f%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27d3d3fd0207987635f131c6f43bc408a8efe1495d1bc466d40eb3f70eba319d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11978
x-xss-protection
0
google-lineitem-id
5221339804
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294466153
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1652352362661859&correlator=569579918340496&eid=21065725&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbe52cc7a3cf7e403%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MbsXnIUhFI-gmNJUL5IpS0FEzUGzw&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&arp=1&abxe=1&dt=1696469804263&lmt=1696462604&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1774176298.1696469803&ga_sid=1696469803&ga_hid=760036858&ga_fc=true&dlt=1696469801429&idt=1290&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D7647fce63239129%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a508f38a4d76769131cd01e28038e5d000f040ca1ce962cacd05ca87e301a3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16285
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 2768 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 23:58:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:36:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AE70 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNWmyYZknsbnuTZtQpQyE1RnrfGr8mPgyAOMuUAonLb3zklMbx9T9rQniboSQaJoUqUTXtqnIfvGsAcqvar229GD6oEJ2g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F798 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F798 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F798 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
l
www.google.com/ads/measurement/ Frame F798 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWtnVrOVoRfXrFwLjdj13_dKb6F6oXJp-33Mjlz7S8vxf8huuPexgfUmWHKacbbRpdgnoBoi0ga9JLfK-KaAkWAG4_PA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F798 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F798 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAAeEdz0QLOFxDjl7LvuPSMEWNKp8ZVpHV-Vc8iHhubxLz_HfZGyUJ3iA0rCu4ApGX48M2ZvWtDSwBqIvpNV93_nT1VVHouYZCNClmP5Y9cPY1Mg4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F798 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5640411354713386901&x=1&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame 2768 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
41794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
11420928434021954480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 14:00:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ Frame 3707 		391 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cee5162170c4ed6238a4fc468582e829a6dc3363c14823bff33f34a45293a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135723
x-xss-protection
0
server
cafe
etag
5985981735232607797
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/ Frame F9FC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
39236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:42:48 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 14:42:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
next-up-widget.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d68c4fdfb446fe1080fa613d7a38fb08b2e3cb6906aa805aacf2357a4cfa2dbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
poo.P3p91CJdHld5K1uAEmGEKPgwCC9O
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:44 GMT
x-amz-request-id
GKBZSK9GP7HK8NK5
age
36013
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
3Nyjya6dfRKJiyxqsckfQNcu6bGRfxeqLf3YrscHts5zK9PBqhRLMtpwLbbdbZ4lYZpb/Adv3hU=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:32 GMT
server
AmazonS3
x-timer
S1696469804.433547,VS0,VE0
etag
"ef0db8000ec18b59fb7ff0645df7402e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6636
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A3101%7D%22%2C%22eventTime%22%3A1696469804551%7D&tim=03%3A36%3A44.551&id=8822&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A36%3A44.561&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3837&cv=20231004-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
77263
css2
fonts.googleapis.com/ 		20 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 23:55:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:36:44 GMT
spa-detector.20231004-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231004-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b885e9682b660b1ce7804b282e2c9c9759f28f63142c2b729d25221e04772b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ub5AJBc8y9Xu6g6CcsGcEo1OByjHORNC
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Oct 2023 01:36:44 GMT
x-amz-request-id
RJRGFNKGFBZJQ7HY
age
36006
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
OIo79q+RbcQwsqlahWXjgsx+Aa8oAmJis8nbHeQKjpZmlkJB5rI0B/cuEQCtzcMczr7RzWKAgxw=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 15:36:38 GMT
server
AmazonS3
x-timer
S1696469805.594177,VS0,VE0
etag
"0abdcdd4af16638020d9b375f4bbcac1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
78
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
34586
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A36%3A44.562&id=1815&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696469804577%7D&tim=03%3A36%3A44.577&id=1273&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A36%3A44.580&id=7461&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696469804582%7D&tim=03%3A36%3A44.583&id=1781&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
idsync
sync.aralego.com/ Frame 2B34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNCIBI58-6-6WQ8
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNCIBI58-6-6WQ8
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNCIBI58-6-6WQ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame AE70 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNWmyYZknsbnuTZtQpQyE1RnrfGr8mPgyAOMuUAonLb3zklMbx9T9rQniboSQaJoUqUTXtqnIfvGsAcqvar229GD6oEJ2g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNWmyYZknsbnuTZtQpQyE1RnrfGr8mPgyAOMuUAonLb3zklMbx9T9rQniboSQaJoUqUTXtqnIfvGsAcqvar229GD6oEJ2g
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nm8bcFUk5cht9gtFgCwgidhNVeKJ7RjDBWiwTa1ERY4KpYx0bGOaMsCuCjBynz9sdtPlVWRWyFXmsgufnnH6c92P4A2wXBLwM7w%2Fu0FyUuYSYpgDAfw7hfXRDFYHx8LrEsUqNWc7SXutg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef782c2c24c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE70
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR4TLD8J.Rbq8oGvwfm8gwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1&google_hm=2
43 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNWmyYZknsbnuTZtQpQyE1RnrfGr8mPgyAOMuUAonLb3zklMbx9T9rQniboSQaJoUqUTXtqnIfvGsAcqvar229GD6oEJ2g
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQqTo0X%2FTL4%2FqIYfyJFGneRWXRfhnLuX4Grkh3QYcFRhmzaBSL7fVinOVDalYgb1XWZMD5dGGowyX8%2BmdU25jz5VzB9C%2BPzONcqvf9YLYGa28OHEEvfL%2FdX2%2FqMMj9CXbdaDiJ5LEHzfyjsy2IOumukcRFEyEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef7a1a4c23df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOuAse8xmhLqsRTMpqxhq1M&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F798 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4878009912779&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F798 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4878009912779&version=m202309260101&ct=76&x=1&cor=5640411354713387000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F798 		75 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ8QMmkiqjfQSw7KPpZiMEnwPcFqOwCosp3Gn9hIGFNR9mgbPAYEkfcl3aDjEo3tFDc0buIEUsso4Uw_i-Uric3obXEQ&cry=1&dbm_d=AKAmf-BqQ8uqvWFoC-tHqsZsQq12vrJk9iGYc_kSGuzOtJ7gprjzntOd-TPQHINSplW4eEKCzaWwdCA0tu_BcnoUy-NkxK5v5C_OTje1oTmAZOibFYRLHjZUvbL3tnDa2FFwxoWjC544MYA3Zj_5s2hMDOFwq7VdM9HdGKwsowLlK1Nm2we1DwKEDoMkBNLl9HFUQEArAzIQBAv_X6_wySiWGOCYcdEKR3oR5BtzBxIo0mWr6xPWXX6zuLFuKjzlGACJ2WoXlWCsv1QmKdQh7I3FRx0lOtU1vrz7DSL_IGqrXyivxOF19DiR7V3NAVRh4CLyaGaEGc5rQwgk4rZjqq9GZHM2kg7tRYODrtv9FK_u6iQ_Hg5cFm1wAx9nrNkq_pbP2V2ZUR9pF4UVoEP7-nFAP0ZnjMevqmhV_wQSPwfIkpYAQp1PpSZw30UhjKbsiBKo9sh2Vjvjse4E6EhMsu2vu0LlwsXpTlwqhS7kDHccA2ow-eDXHqCD6jcgiOLgAPq_TUQ7izO5vZDyTKk1mlfnrROI5KDDdNLs5uAyNEJpjP_tcrW3OyUm6GAqLkpvtUgHE1J1DaclJ5BZE4ShB3ybtsoxRr1La6azXaSTzM9aoNxOHXCEeUFemMEZiZcVBYJvy3oWA0Vyz98E-aUGxKDzlfCCo4as0v2aTc9xLyS6o7_c-Wd3CGBW44TWyqJgPHq2u3pV3hTHVW6CtByo7a4Y3IFYjhOpmxbsg_KJ4pzTuu5wnjcB6nrWtKWT8U49c1fhjr85mxwL5raa-7PWfOiHYEAitagOOpIvSoY0v6SQrk_PDruKkh6T3r4A4s9m7taqXBo8thx89giaIOJsOy4rYMxhU2KQ-3D6my2rsd0idTzLfP-DgrmbQrZ9qdgbZW5nmo3ktndneVk1nNNmUA4Tgebfb6z__rY1aRPe3RTxTY_sAA2u9ITwck9mRxpVjJJExmxHUC-O29FlJSXoXTP380nO28OPhS3UwgPYV0mlhShfQQZKhqmfql5GYp7PXllokz5ZB5aN3fm-epHdrGez_kxF3cZCk6tth0IoSQQrNuzf6GmKPs3KAm6KRMHiBh2fwQaumz6p6C-Wu25CxXgVQTa-1pztM0ETtSnpsT8_RsYavQ2Osd1w3ZO5X9Ea0wBfjSXuLjCECbniXnjJOC_iwe9HOR1qXvKUKWVoFXgh8xQJhZNhg-6nhI0EV4Lwg47CGswFErkoGCZT85aOfzx3uryqt8iaml6STdXiFXhMBTteFCokiEbV7UytQWoLKZQAGFMcIo8b-k5UkWvrYZ_Zkml5eYGmVnPfpvJrsVL1wnyON1fGTojYdJQ49PWgkZQLGjRwrCD5s5TRLk7yib9yrauNRnP8pKEqpaNFrKwXX_EV9jc4ncUSmFXIowrVbDBfD0qVU9FPTeKuPd4L-GrTDPriAQuAcxu5K70cAt4qn3UjLMtctCR4c7s3O22kjpQvUinz99WUzsViV6yB7GSTw9aMVSr4GyBQFZ18_znXyCg-1A8zyus1e3XL8-UCTMwDNObJ6Re_dXVGJ4QPlvKipkyM9kIoAPOAg0Bw6th2iQklF6xq4_eXKTYwf-KfKc7juBOIJpeL5KipdObKpf5-pTTiFvJ2IciinKpzbKcY2uAb2KGJYdigqJD73ukVFYDyyCO7Dh8YBm7x167flT5otXhsTp7e7NisMvF7mb-aJmih4EpHUPM9t_xNnwb3d9TzS7y-0Ot9vPwGhkkt3nx6aO9Qx3WKgA4iWnykNhupweOq72rqNGiSo3zevK5IcVyWiHaIm86m8V6Pb_5sj0ebii2D-6sQWyGtjajxMk69BAo58GocpkvjcCjFMQfETpGO1I03aPpbLB_N3N6yqdgQNu9iLYYvyc7IxpbFFVf0t9Mkda99xoCyUm7KVwCN2bhRj9OferOiZP48i-yrOY0bhPWrasjqkUv9_VHMordsHv2vYNm283_Gguktm-ewkSRpJftTUbtDCZrokV5SRf_tEGE7oXMWQI9UxQ4vKwR2oRcwJ3zWNANgSpWEnrfdCJtm_Q3-3IgQZftRFKCu7CMu1PP-uqKiFvABp6-omBnKlS_Sm4xtK8zgpf_YSCQoHpFrxH178ePMfMnZP-beNi12zwCa0nKLloZ6JRKyuT9yhErASyDK60pELcSakmI8hAj8jJqpvDyz0wQKmzeuBHf8CNwz0J_wU_6mGYk7hOsBVItLietxqLpdbV0x1LGHEp-2C6mmZf-fe24PBsDuJnL6xDq3lGLxkhKV0NuUBO1TmdqXibSspesX0irnISrHQ77IuhG0YmrNGk5ia2n-gtuLgXRQPyC4bNFS65JMoeQ1m0EkNSfEzgV9IZnrBV0aeLpKb_KM3YpnM1QYSHo1rtNKabbriOvxf3UZiBFkC4fBlOFuH281-0I3RLIksfhZKn0neG8yfJY5wBVNTp1XwRjRq4GyBZVfH55dVX12rBws9waA9iOFEPBA4fdyaFcrpyuiIpwGgjGNwH_2BMP3Cd6mDfIfuWgIpC1NiNw70d__iI1DGQgYe3qaksPl_1VR_d4YN3N67X2Y03z94SDnrNK_MlUSLE789KBdDh_NK6nbxC2_mJak7RE06-A5dLrHcf_bUIo5QH5CSh9JPt97KRBgicyOP8I09dU6t1DxXj4GvF-Qx-QIdJbg_LM0VROKK2GG6UnY4HuzsTt87u7wYSTMnl87-9tmWm4bivmB9HwoQgFQK2TdOOPeXZe3O4YmZmUcmKoeAYmwzyLwBKZCsOp6wcd6064roEq7WYhoUHXNQYWe30mhIZ17RTkg1hDeO7yhKyX8_Q7KUT2okuDH349xdzlG1y70PUN0gZcFRPFXgo2W5UQepBpcc-mMxuveVWEtJVBc_T073YDjiRVBPZTl0t7ReNX74xDMkfjuYxQETTpd06LoTIWnMgOMlejZ7ZXDke_o5HdF4lOIunPPuiRGvHOzb-IoCMYrg11piP4e_ssx0OxIioyJTbi4NBe_fb6zbDWg4cYENq_0MIMV75nuuP8MxuoPP1w6mnG71HPKwSY_gxEHY6g1hFOJuLmigYyGxUR4FfZyYc6z7IrRexcaoqH9qYi7tUMvgzcQs24Xh3t_qaBGq909hfjGm7v6qnUYpZagmhh7x_0RvdFjUmeJStDwi60fCt9SWMldnIih5EgKzxnVLtwcV_9iU6Zav9Gxhzm9YlxtEkVr97RgRuoabETBAIUgnpvozc3rIsCrlsMGJ2ZjcN5D1OWmiIr9oW6jfjr3vADCYIs8upJlk4jLWfzUWVuGtoNiFcPefTXzY3b1EF_ddU7GXJ89xm0SNeu2ZXFxenGrb4_3fryB1ALUA8NOiY8x1MXhSYTdJ2PhvhZpH2SAKm145Grm83NCA-5QxSxOyFhH2wCUWPrVE2Nh_xaXJ1NDRV08q0Q-wzEyM4wIKkHLd1tygLy2dvEsVF9bcQt-le9HvIyL7Luw6MFNbgACRDq05Y-UqG6svxMC8Iv0W1ON0KvFj8ctRDZRENLCzardE_-8nuNSOwlX4BXrut64K1BSO3aEd0Ut1Aytkz-MUgZmEjxTCvfZXe9XLQ6O076OZUZRjDVhBH_XayJQGIOwbVBlMOULR3q04pik9C3MY6vFYvLrpAXXQ0lglYBKXSX4CdoU5GdGkwNUVlHShcYlyjmm1dBqxl_PLFT4UOrC_9nye39uiELeiE4SnZGpIHhD1xj_LhKSj3zelhhV89NrWRRiykWclD9yURJRZXmAW4PZOl3Lvpt_sc6PB9OnboxLPGRqRz3z0yj0QgO949Nv15rY4QWRqd1BLhV7j3Mcu05e7_qCBaQ7CxN3ZduO4ElEWzitS_UZYBq_citYl746uPE2H3l_4z9ELSgsIq-b-o1AUb742ITPH-gmzvzhsNs9eexKbS9BYSyGktM92eCjr506iyshX7NgFtTO2N2IeR-q04TSZpA6Z861KK5BpvebmEJZANfQ7cLUEbFE50Gd8ysukXXhpxCRPtW1XoCWfCs_fkT8UreUtkzy86H7YJlnEjbm&cid=CAQSPADICaaNZMwPlaKwgGBa7Ef7g2aKB0akHlAyX8Pf3W4Jdd_dMzrcADN6rdk6g7JJu44aWTIhJSwYGkfV8hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=5640411354713387000&adk=1877897943&idt=59&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30947b4dd1ea5da506731e092a97450076be3b9c0f864571eddc17c0d417af90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2EveGktamlhLXpvbmctaGUtaHVhbmctbWEteGluLW5pYW4tc2hvdS16aGFuLXNoaS1saS1iYS1zYS1rZS1jaGFuZy15aS1xaXUteGlhby1zaGVuZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGktamlhLXpvbmctaGUtaHVhbmctbWEteGluLW5pYW4tc2hvdS16aGFuLXNoaS1saS1iYS1zYS1rZS1jaGFuZy15aS1xaXUteGlhby1zaGVuZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 04 Oct 2024 01:36:45 GMT
date
Thu, 05 Oct 2023 01:36:37 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
pixel;r=217428056;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3b...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=217428056;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1719237998-1696469804160;pbc=741a1e32-b624-4ba6-89b9-f048d734071c;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696469804726;tzo=-120;ogl=;ses=0d44fb26-baed-4714-ae72-8044605dea0a;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C66C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKXfpXN185Ekcg_hYhAJUxvkxG5vsgy1CYv9GWN-engpiRQMWSvhrHM0-kapBD09kIJaDXf0hFkGX0rsb3zoi0k7q4gTo8yu0322TsBM18iv6qHZIUj-VC6sXAjyzG6Re8huv2kpBJ5OQbkNrL6G8SfDaZNE9zb6Jtx7cTDpJoGin0cLGnXyMINBNWaaD4g0vzIpuzu3anPrMd2Eq0jyt89wombibs3HuhqHdY34kKG1htaTF5gE2kdJCF7ulZuYiiFAjuHNNtllXqmP3qvmqFoQOCwnx17yf3UKzmR1ySmHO9Phvuy0mmT0reZ9cFANmR&sai=AMfl-YSVNAWtnr0Te6ckC1Mh_RJJSGpSswxi5nt4haApwHQGvVYWzEWsZC8ZH6jN2ljinskHLgWRHPoBRnebMp63YOcmoR7e72NE6SU0Idu_mVKGfkjbvXvb9WHraHIcMk0&sig=Cg0ArKJSzAAyM-IG87jrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:34fb:55f:e11a:2d83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1
a.teads.tv/hb/ad/ Frame C66C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7999e7cdcaec5ae66383870c108e66ece8c7ba5c9c967c994f79d5c662b192e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2715
expires
Thu, 05 Oct 2023 01:36:44 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:34fb:55f:e11a:2d83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41
a.teads.tv/hb/ad/ Frame F781 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeb73b868e0d6e9731ffd9d6ff4643690ec72a3174484e212ff25103e5e9c7eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2714
expires
Thu, 05 Oct 2023 01:36:44 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:34fb:55f:e11a:2d83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C66C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:44 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aS1qaWEtem9uZy1oZS1odWFuZy1tYS14aW4tbmlhbi1zaG91LXpoYW4tc2hpLWxpLWJhLXNhLWtlLWNoYW5nLXlpLXFpdS14aWFvLXNoZW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS05NDQ5ZDU3Yy0xM2M3LTRmNWQtODEzMy0zNjU1NjM5MTBiMDkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwNiwicmVzcG9uc2VUaW1lIjo1NTYsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDA2LCJ3aW5uZXJBZFVuaXRJZCI6Ijc3YTRkMjhhZTZiMzc2ZiIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiIzN2E5OTg5Zi0zOTEwLTQ4ZWQtYjRiMC1kMGNmMmFmMzM1NTIiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5503.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aS1qaWEtem9uZy1oZS1odWFuZy1tYS14aW4tbmlhbi1zaG91LXpoYW4tc2hpLWxpLWJhLXNhLWtlLWNoYW5nLXlpLXFpdS14aWFvLXNoZW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS05NDQ5ZDU3Yy0xM2M3LTRmNWQtODEzMy0zNjU1NjM5MTBiMDkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwNiwicmVzcG9uc2VUaW1lIjo1NTYsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDA2LCJ3aW5uZXJBZFVuaXRJZCI6Ijc4OWZhNjUzMmVmZTE4YiIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiIzN2E5OTg5Zi0zOTEwLTQ4ZWQtYjRiMC1kMGNmMmFmMzM1NTIiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5513.700000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMHwarBTBitU-aItqR5be-k&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMHwarBTBitU-aItqR5be-k&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMHwarBTBitU-aItqR5be-k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5DSUJJNTgtNi02V1E4
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECcDMrs4fqT_xZtQWFKgnAw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DSUJJNTgtNi02V1E4&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DSUJJNTgtNi02V1E4&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DSUJJNTgtNi02V1E4&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/H1gu4-7vO5PzWoNUPxah7A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_3ByVhE2oIP7vucFIAcDvp1UjPUGHWoT0LYGw--~A
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_3ByVhE2oIP7vucFIAcDvp1UjPUGHWoT0LYGw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_3ByVhE2oIP7vucFIAcDvp1UjPUGHWoT0LYGw--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 2B34 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2B34
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IaS91ZaFSk2x7FYI8S_Qgw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IaS91ZaFSk2x7FYI8S_Qgw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IaS91ZaFSk2x7FYI8S_Qgw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRN7GND61PN9A2KNEPJP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IaS91ZaFSk2x7FYI8S_Qgw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2B34
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j7kq8jVBTm-BxZhbxYP1hg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j7kq8jVBTm-BxZhbxYP1hg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j7kq8jVBTm-BxZhbxYP1hg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YY166GHFG577H7ETN2F8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j7kq8jVBTm-BxZhbxYP1hg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWZjNGViNmMyZWVkNGM3YTBhM2VjMTA0Y2VmOTNlMTRmYWUwN2IwYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWZjNGViNmMyZWVkNGM3YTBhM2VjMTA0Y2VmOTNlMTRmYWUwN2IwYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWZjNGViNmMyZWVkNGM3YTBhM2VjMTA0Y2VmOTNlMTRmYWUwN2IwYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNCIBI58-6-6WQ8
0
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6935C47EDB954258AEF08075B8F533E4 Ref B: ZRHEDGE1817 Ref C: 2023-10-05T01:36:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG7igb5ci1awwA3PHt6Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNCIBI58-6-6WQ8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEi_07KPCYAABjTPVueOA&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEi_07KPCYAABjTPVueOA&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEi_07KPCYAABjTPVueOA&expires=30
Date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1c4cda93-bcf8-4089-bffa-fbb152e12560&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1c4cda93-bcf8-4089-bffa-fbb152e12560&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1c4cda93-bcf8-4089-bffa-fbb152e12560&expires=30
Date
Thu, 05 Oct 2023 01:36:45 GMT
Connection
keep-alive
X-CI-RTID
34599549-5eb0-4e46-a5c1-148da02a9c3b
Content-Length
144
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNCIBI58-6-6WQ8&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNCIBI58-6-6WQ8&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNCIBI58-6-6WQ8&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS04NFZQcS45RTJ1SFFlZWxtQ3NSWkYwc0hRaC5QS0tMY35B&ovsid=LNCIBI58-6-6WQ8&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS04NFZQcS45RTJ1SFFlZWxtQ3NSWkYwc0hRaC5QS0tMY35B&ovsid=LNCIBI58-6-6WQ8&dpid=58160
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2.19.198.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 05 Oct 2023 01:36:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 05 Oct 2023 01:36:46 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS04NFZQcS45RTJ1SFFlZWxtQ3NSWkYwc0hRaC5QS0tMY35B&ovsid=LNCIBI58-6-6WQ8&dpid=58160
date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 2B34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNCIBI58-6-6WQ8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
an-x-request-uuid
d29f121c-67fd-46da-ab2d-6afc5b458336
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNCIBI58-6-6WQ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
liveCS.php
live.primis.tech/live/ Frame 2B34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNCIBI58-6-6WQ8
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2600:9000:2251:d400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
WSCraPJjnRQAwkLhjjuc8CphmZD2hCk2W0jz5Vat6p8ESvYGmqgDHQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNCIBI58-6-6WQ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 2B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNCIBI58-6-6WQ8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Date
Thu, 05 Oct 2023 01:36:45 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 2B34
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=54ba79e3-00e4-421c-9c22-df79652b4727
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=54ba79e3-00e4-421c-9c22-df79652b4727
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=54ba79e3-00e4-421c-9c22-df79652b4727
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1040241
content-length
0
expires
Thu, 05 Oct 2023 00:00:00 GMT
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13380&lti=deflated&ri=6378c13667af6fee0db394b36d83895c&sd=v2_211ebd85be134aa4e741b91a2dde13d3_1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab_1696469803_1696469803_CNawjgYQ2YJdGJ7B6-uvMSABKAEwKziy0A1AzYgQSO--4wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab&pi=/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&wi=918755470390149504&pt=text&vi=1696469803166&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A36%3A44.842&id=4090&llvl=2&cv=20231004-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cookie.js
partner.googleadservices.com/gampad/ Frame 3707 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dbe52cc7a3cf7e403%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MbsXnIUhFI-gmNJUL5IpS0FEzUGzw&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3beda3293307ed2809f14885cefb9d0933f0ec17ad6f086c7fde594763428e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame EA6F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16964...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ec00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
941
content-length
459
content-type
text/html
date
Thu, 05 Oct 2023 01:36:45 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
g-xeYaGqbYcZCX0UTpEaTX9VsdkOxVFvQ9rbVHuleG9CSMZXh5axdg==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:45 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 876F 		492 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1768259464940280&correlator=476450571530533&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696469804894&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=xryjwbfn3r0i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPAz1blCHrJTCk9JeOYLMKnOyusQGiRsCFlneJmTCA3EQXSB3h27eud2o7JLWReafiF2jd-tq99lbkImkUg9xNNKuwbs50Lz6QD8BX_6JpsBOfdUKjU2772Ru9Ar7v4xuWZR4n3rBtNHYY8TERiQpyly79C5JtEa8-4-QH8msSsTTcgmMeAmvDBh0IwXQ&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1899410370.1696469805&ga_sid=1696469805&ga_hid=1348396586&ga_fc=false&dlt=1696469803454&idt=1235&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e2a7052a3b091a84e696ca11c0222ce2ecda2492f3e57339b5ea476435a9fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 876F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0b2bf8e11124e1b61d37311103102581efa71df77d753bbcf931d1f2e196e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12295
x-xss-protection
0
container.html
964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9579 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:44 GMT
expires
Fri, 04 Oct 2024 01:36:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c8501ffcb32e1e66595bac99c61cf0a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7811638876e407d9b2f724d0d8d5fbe08e234952c19441116e1332e124807019

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8501ffcb32e1e66595bac99c61cf0a1.jpg
age
3163087
edge-cache-tag
466370907613478688840362783371873638964,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
466370907613478688840362783371873638964,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
86
expiration
expiry-date="Sat, 02 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://sports.ndtv.com/
content-length
5546
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000166-IAD, cache-iad-kiad7000166-IAD, cache-lax10643-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 02 Aug 2023 05:30:03 GMT
server
nginx
x-timer
S1696469805.910605,VS0,VE1
etag
"c39b5acb0b865a237d972442bebca61a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 16, 1
6ad0d66bc1b961b58aa80dadfe584643.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d06695c14b4eab9e1116ad9d22e42eacc5a62503b915cb22ab50076c2dca2d20

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ad0d66bc1b961b58aa80dadfe584643.png
age
772244
edge-cache-tag
509418211262262279348746900157515220070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
509418211262262279348746900157515220070,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
400
expiration
expiry-date="Mon, 09 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/podcast/te-wecker-am-24-september-2023/
content-length
4670
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000082-IAD, cache-iad-kiad7000063-IAD, cache-lax10638-LGB, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 08 Sep 2023 14:26:23 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1200,oheight=800,obytes=906059
x-timer
S1696469805.910898,VS0,VE1
etag
"2294d416748f17e405b8402ab15c4463"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
d-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d76dc6fefa04718f5a74722fceccf283b30cd18a14634bdad7579bf2bd3f0dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 05 Oct 2023 01:36:44 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/nQMQQKM/d-1.jpg
age
2443046
edge-cache-tag
525360527400017089352312631480807630068,589699347347381680738072091557196927341,29ecf9b93bbf306179626feeda1fab70
cache-tag
525360527400017089352312631480807630068,589699347347381680738072091557196927341,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
281
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.exquis.ro/
content-length
3360
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kiad7000068-IAD, cache-iad-kiad7000170-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 06 Sep 2023 16:44:14 GMT
server
nginx
x-timer
S1696469805.910885,VS0,VE1
etag
"80c780ac606b2d353d33c31aec3a4b5c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6, 1
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=13380&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
79
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64211
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1696469805.931824,VS0,VE79
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame F798 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ8QMmkiqjfQSw7KPpZiMEnwPcFqOwCosp3Gn9hIGFNR9mgbPAYEkfcl3aDjEo3tFDc0buIEUsso4Uw_i-Uric3obXEQ&cry=1&dbm_d=AKAmf-BqQ8uqvWFoC-tHqsZsQq12vrJk9iGYc_kSGuzOtJ7gprjzntOd-TPQHINSplW4eEKCzaWwdCA0tu_BcnoUy-NkxK5v5C_OTje1oTmAZOibFYRLHjZUvbL3tnDa2FFwxoWjC544MYA3Zj_5s2hMDOFwq7VdM9HdGKwsowLlK1Nm2we1DwKEDoMkBNLl9HFUQEArAzIQBAv_X6_wySiWGOCYcdEKR3oR5BtzBxIo0mWr6xPWXX6zuLFuKjzlGACJ2WoXlWCsv1QmKdQh7I3FRx0lOtU1vrz7DSL_IGqrXyivxOF19DiR7V3NAVRh4CLyaGaEGc5rQwgk4rZjqq9GZHM2kg7tRYODrtv9FK_u6iQ_Hg5cFm1wAx9nrNkq_pbP2V2ZUR9pF4UVoEP7-nFAP0ZnjMevqmhV_wQSPwfIkpYAQp1PpSZw30UhjKbsiBKo9sh2Vjvjse4E6EhMsu2vu0LlwsXpTlwqhS7kDHccA2ow-eDXHqCD6jcgiOLgAPq_TUQ7izO5vZDyTKk1mlfnrROI5KDDdNLs5uAyNEJpjP_tcrW3OyUm6GAqLkpvtUgHE1J1DaclJ5BZE4ShB3ybtsoxRr1La6azXaSTzM9aoNxOHXCEeUFemMEZiZcVBYJvy3oWA0Vyz98E-aUGxKDzlfCCo4as0v2aTc9xLyS6o7_c-Wd3CGBW44TWyqJgPHq2u3pV3hTHVW6CtByo7a4Y3IFYjhOpmxbsg_KJ4pzTuu5wnjcB6nrWtKWT8U49c1fhjr85mxwL5raa-7PWfOiHYEAitagOOpIvSoY0v6SQrk_PDruKkh6T3r4A4s9m7taqXBo8thx89giaIOJsOy4rYMxhU2KQ-3D6my2rsd0idTzLfP-DgrmbQrZ9qdgbZW5nmo3ktndneVk1nNNmUA4Tgebfb6z__rY1aRPe3RTxTY_sAA2u9ITwck9mRxpVjJJExmxHUC-O29FlJSXoXTP380nO28OPhS3UwgPYV0mlhShfQQZKhqmfql5GYp7PXllokz5ZB5aN3fm-epHdrGez_kxF3cZCk6tth0IoSQQrNuzf6GmKPs3KAm6KRMHiBh2fwQaumz6p6C-Wu25CxXgVQTa-1pztM0ETtSnpsT8_RsYavQ2Osd1w3ZO5X9Ea0wBfjSXuLjCECbniXnjJOC_iwe9HOR1qXvKUKWVoFXgh8xQJhZNhg-6nhI0EV4Lwg47CGswFErkoGCZT85aOfzx3uryqt8iaml6STdXiFXhMBTteFCokiEbV7UytQWoLKZQAGFMcIo8b-k5UkWvrYZ_Zkml5eYGmVnPfpvJrsVL1wnyON1fGTojYdJQ49PWgkZQLGjRwrCD5s5TRLk7yib9yrauNRnP8pKEqpaNFrKwXX_EV9jc4ncUSmFXIowrVbDBfD0qVU9FPTeKuPd4L-GrTDPriAQuAcxu5K70cAt4qn3UjLMtctCR4c7s3O22kjpQvUinz99WUzsViV6yB7GSTw9aMVSr4GyBQFZ18_znXyCg-1A8zyus1e3XL8-UCTMwDNObJ6Re_dXVGJ4QPlvKipkyM9kIoAPOAg0Bw6th2iQklF6xq4_eXKTYwf-KfKc7juBOIJpeL5KipdObKpf5-pTTiFvJ2IciinKpzbKcY2uAb2KGJYdigqJD73ukVFYDyyCO7Dh8YBm7x167flT5otXhsTp7e7NisMvF7mb-aJmih4EpHUPM9t_xNnwb3d9TzS7y-0Ot9vPwGhkkt3nx6aO9Qx3WKgA4iWnykNhupweOq72rqNGiSo3zevK5IcVyWiHaIm86m8V6Pb_5sj0ebii2D-6sQWyGtjajxMk69BAo58GocpkvjcCjFMQfETpGO1I03aPpbLB_N3N6yqdgQNu9iLYYvyc7IxpbFFVf0t9Mkda99xoCyUm7KVwCN2bhRj9OferOiZP48i-yrOY0bhPWrasjqkUv9_VHMordsHv2vYNm283_Gguktm-ewkSRpJftTUbtDCZrokV5SRf_tEGE7oXMWQI9UxQ4vKwR2oRcwJ3zWNANgSpWEnrfdCJtm_Q3-3IgQZftRFKCu7CMu1PP-uqKiFvABp6-omBnKlS_Sm4xtK8zgpf_YSCQoHpFrxH178ePMfMnZP-beNi12zwCa0nKLloZ6JRKyuT9yhErASyDK60pELcSakmI8hAj8jJqpvDyz0wQKmzeuBHf8CNwz0J_wU_6mGYk7hOsBVItLietxqLpdbV0x1LGHEp-2C6mmZf-fe24PBsDuJnL6xDq3lGLxkhKV0NuUBO1TmdqXibSspesX0irnISrHQ77IuhG0YmrNGk5ia2n-gtuLgXRQPyC4bNFS65JMoeQ1m0EkNSfEzgV9IZnrBV0aeLpKb_KM3YpnM1QYSHo1rtNKabbriOvxf3UZiBFkC4fBlOFuH281-0I3RLIksfhZKn0neG8yfJY5wBVNTp1XwRjRq4GyBZVfH55dVX12rBws9waA9iOFEPBA4fdyaFcrpyuiIpwGgjGNwH_2BMP3Cd6mDfIfuWgIpC1NiNw70d__iI1DGQgYe3qaksPl_1VR_d4YN3N67X2Y03z94SDnrNK_MlUSLE789KBdDh_NK6nbxC2_mJak7RE06-A5dLrHcf_bUIo5QH5CSh9JPt97KRBgicyOP8I09dU6t1DxXj4GvF-Qx-QIdJbg_LM0VROKK2GG6UnY4HuzsTt87u7wYSTMnl87-9tmWm4bivmB9HwoQgFQK2TdOOPeXZe3O4YmZmUcmKoeAYmwzyLwBKZCsOp6wcd6064roEq7WYhoUHXNQYWe30mhIZ17RTkg1hDeO7yhKyX8_Q7KUT2okuDH349xdzlG1y70PUN0gZcFRPFXgo2W5UQepBpcc-mMxuveVWEtJVBc_T073YDjiRVBPZTl0t7ReNX74xDMkfjuYxQETTpd06LoTIWnMgOMlejZ7ZXDke_o5HdF4lOIunPPuiRGvHOzb-IoCMYrg11piP4e_ssx0OxIioyJTbi4NBe_fb6zbDWg4cYENq_0MIMV75nuuP8MxuoPP1w6mnG71HPKwSY_gxEHY6g1hFOJuLmigYyGxUR4FfZyYc6z7IrRexcaoqH9qYi7tUMvgzcQs24Xh3t_qaBGq909hfjGm7v6qnUYpZagmhh7x_0RvdFjUmeJStDwi60fCt9SWMldnIih5EgKzxnVLtwcV_9iU6Zav9Gxhzm9YlxtEkVr97RgRuoabETBAIUgnpvozc3rIsCrlsMGJ2ZjcN5D1OWmiIr9oW6jfjr3vADCYIs8upJlk4jLWfzUWVuGtoNiFcPefTXzY3b1EF_ddU7GXJ89xm0SNeu2ZXFxenGrb4_3fryB1ALUA8NOiY8x1MXhSYTdJ2PhvhZpH2SAKm145Grm83NCA-5QxSxOyFhH2wCUWPrVE2Nh_xaXJ1NDRV08q0Q-wzEyM4wIKkHLd1tygLy2dvEsVF9bcQt-le9HvIyL7Luw6MFNbgACRDq05Y-UqG6svxMC8Iv0W1ON0KvFj8ctRDZRENLCzardE_-8nuNSOwlX4BXrut64K1BSO3aEd0Ut1Aytkz-MUgZmEjxTCvfZXe9XLQ6O076OZUZRjDVhBH_XayJQGIOwbVBlMOULR3q04pik9C3MY6vFYvLrpAXXQ0lglYBKXSX4CdoU5GdGkwNUVlHShcYlyjmm1dBqxl_PLFT4UOrC_9nye39uiELeiE4SnZGpIHhD1xj_LhKSj3zelhhV89NrWRRiykWclD9yURJRZXmAW4PZOl3Lvpt_sc6PB9OnboxLPGRqRz3z0yj0QgO949Nv15rY4QWRqd1BLhV7j3Mcu05e7_qCBaQ7CxN3ZduO4ElEWzitS_UZYBq_citYl746uPE2H3l_4z9ELSgsIq-b-o1AUb742ITPH-gmzvzhsNs9eexKbS9BYSyGktM92eCjr506iyshX7NgFtTO2N2IeR-q04TSZpA6Z861KK5BpvebmEJZANfQ7cLUEbFE50Gd8ysukXXhpxCRPtW1XoCWfCs_fkT8UreUtkzy86H7YJlnEjbm&cid=CAQSPADICaaNZMwPlaKwgGBa7Ef7g2aKB0akHlAyX8Pf3W4Jdd_dMzrcADN6rdk6g7JJu44aWTIhJSwYGkfV8hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=5640411354713387000&adk=1877897943&idt=59&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
42690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:45:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame F798 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ8QMmkiqjfQSw7KPpZiMEnwPcFqOwCosp3Gn9hIGFNR9mgbPAYEkfcl3aDjEo3tFDc0buIEUsso4Uw_i-Uric3obXEQ&cry=1&dbm_d=AKAmf-BqQ8uqvWFoC-tHqsZsQq12vrJk9iGYc_kSGuzOtJ7gprjzntOd-TPQHINSplW4eEKCzaWwdCA0tu_BcnoUy-NkxK5v5C_OTje1oTmAZOibFYRLHjZUvbL3tnDa2FFwxoWjC544MYA3Zj_5s2hMDOFwq7VdM9HdGKwsowLlK1Nm2we1DwKEDoMkBNLl9HFUQEArAzIQBAv_X6_wySiWGOCYcdEKR3oR5BtzBxIo0mWr6xPWXX6zuLFuKjzlGACJ2WoXlWCsv1QmKdQh7I3FRx0lOtU1vrz7DSL_IGqrXyivxOF19DiR7V3NAVRh4CLyaGaEGc5rQwgk4rZjqq9GZHM2kg7tRYODrtv9FK_u6iQ_Hg5cFm1wAx9nrNkq_pbP2V2ZUR9pF4UVoEP7-nFAP0ZnjMevqmhV_wQSPwfIkpYAQp1PpSZw30UhjKbsiBKo9sh2Vjvjse4E6EhMsu2vu0LlwsXpTlwqhS7kDHccA2ow-eDXHqCD6jcgiOLgAPq_TUQ7izO5vZDyTKk1mlfnrROI5KDDdNLs5uAyNEJpjP_tcrW3OyUm6GAqLkpvtUgHE1J1DaclJ5BZE4ShB3ybtsoxRr1La6azXaSTzM9aoNxOHXCEeUFemMEZiZcVBYJvy3oWA0Vyz98E-aUGxKDzlfCCo4as0v2aTc9xLyS6o7_c-Wd3CGBW44TWyqJgPHq2u3pV3hTHVW6CtByo7a4Y3IFYjhOpmxbsg_KJ4pzTuu5wnjcB6nrWtKWT8U49c1fhjr85mxwL5raa-7PWfOiHYEAitagOOpIvSoY0v6SQrk_PDruKkh6T3r4A4s9m7taqXBo8thx89giaIOJsOy4rYMxhU2KQ-3D6my2rsd0idTzLfP-DgrmbQrZ9qdgbZW5nmo3ktndneVk1nNNmUA4Tgebfb6z__rY1aRPe3RTxTY_sAA2u9ITwck9mRxpVjJJExmxHUC-O29FlJSXoXTP380nO28OPhS3UwgPYV0mlhShfQQZKhqmfql5GYp7PXllokz5ZB5aN3fm-epHdrGez_kxF3cZCk6tth0IoSQQrNuzf6GmKPs3KAm6KRMHiBh2fwQaumz6p6C-Wu25CxXgVQTa-1pztM0ETtSnpsT8_RsYavQ2Osd1w3ZO5X9Ea0wBfjSXuLjCECbniXnjJOC_iwe9HOR1qXvKUKWVoFXgh8xQJhZNhg-6nhI0EV4Lwg47CGswFErkoGCZT85aOfzx3uryqt8iaml6STdXiFXhMBTteFCokiEbV7UytQWoLKZQAGFMcIo8b-k5UkWvrYZ_Zkml5eYGmVnPfpvJrsVL1wnyON1fGTojYdJQ49PWgkZQLGjRwrCD5s5TRLk7yib9yrauNRnP8pKEqpaNFrKwXX_EV9jc4ncUSmFXIowrVbDBfD0qVU9FPTeKuPd4L-GrTDPriAQuAcxu5K70cAt4qn3UjLMtctCR4c7s3O22kjpQvUinz99WUzsViV6yB7GSTw9aMVSr4GyBQFZ18_znXyCg-1A8zyus1e3XL8-UCTMwDNObJ6Re_dXVGJ4QPlvKipkyM9kIoAPOAg0Bw6th2iQklF6xq4_eXKTYwf-KfKc7juBOIJpeL5KipdObKpf5-pTTiFvJ2IciinKpzbKcY2uAb2KGJYdigqJD73ukVFYDyyCO7Dh8YBm7x167flT5otXhsTp7e7NisMvF7mb-aJmih4EpHUPM9t_xNnwb3d9TzS7y-0Ot9vPwGhkkt3nx6aO9Qx3WKgA4iWnykNhupweOq72rqNGiSo3zevK5IcVyWiHaIm86m8V6Pb_5sj0ebii2D-6sQWyGtjajxMk69BAo58GocpkvjcCjFMQfETpGO1I03aPpbLB_N3N6yqdgQNu9iLYYvyc7IxpbFFVf0t9Mkda99xoCyUm7KVwCN2bhRj9OferOiZP48i-yrOY0bhPWrasjqkUv9_VHMordsHv2vYNm283_Gguktm-ewkSRpJftTUbtDCZrokV5SRf_tEGE7oXMWQI9UxQ4vKwR2oRcwJ3zWNANgSpWEnrfdCJtm_Q3-3IgQZftRFKCu7CMu1PP-uqKiFvABp6-omBnKlS_Sm4xtK8zgpf_YSCQoHpFrxH178ePMfMnZP-beNi12zwCa0nKLloZ6JRKyuT9yhErASyDK60pELcSakmI8hAj8jJqpvDyz0wQKmzeuBHf8CNwz0J_wU_6mGYk7hOsBVItLietxqLpdbV0x1LGHEp-2C6mmZf-fe24PBsDuJnL6xDq3lGLxkhKV0NuUBO1TmdqXibSspesX0irnISrHQ77IuhG0YmrNGk5ia2n-gtuLgXRQPyC4bNFS65JMoeQ1m0EkNSfEzgV9IZnrBV0aeLpKb_KM3YpnM1QYSHo1rtNKabbriOvxf3UZiBFkC4fBlOFuH281-0I3RLIksfhZKn0neG8yfJY5wBVNTp1XwRjRq4GyBZVfH55dVX12rBws9waA9iOFEPBA4fdyaFcrpyuiIpwGgjGNwH_2BMP3Cd6mDfIfuWgIpC1NiNw70d__iI1DGQgYe3qaksPl_1VR_d4YN3N67X2Y03z94SDnrNK_MlUSLE789KBdDh_NK6nbxC2_mJak7RE06-A5dLrHcf_bUIo5QH5CSh9JPt97KRBgicyOP8I09dU6t1DxXj4GvF-Qx-QIdJbg_LM0VROKK2GG6UnY4HuzsTt87u7wYSTMnl87-9tmWm4bivmB9HwoQgFQK2TdOOPeXZe3O4YmZmUcmKoeAYmwzyLwBKZCsOp6wcd6064roEq7WYhoUHXNQYWe30mhIZ17RTkg1hDeO7yhKyX8_Q7KUT2okuDH349xdzlG1y70PUN0gZcFRPFXgo2W5UQepBpcc-mMxuveVWEtJVBc_T073YDjiRVBPZTl0t7ReNX74xDMkfjuYxQETTpd06LoTIWnMgOMlejZ7ZXDke_o5HdF4lOIunPPuiRGvHOzb-IoCMYrg11piP4e_ssx0OxIioyJTbi4NBe_fb6zbDWg4cYENq_0MIMV75nuuP8MxuoPP1w6mnG71HPKwSY_gxEHY6g1hFOJuLmigYyGxUR4FfZyYc6z7IrRexcaoqH9qYi7tUMvgzcQs24Xh3t_qaBGq909hfjGm7v6qnUYpZagmhh7x_0RvdFjUmeJStDwi60fCt9SWMldnIih5EgKzxnVLtwcV_9iU6Zav9Gxhzm9YlxtEkVr97RgRuoabETBAIUgnpvozc3rIsCrlsMGJ2ZjcN5D1OWmiIr9oW6jfjr3vADCYIs8upJlk4jLWfzUWVuGtoNiFcPefTXzY3b1EF_ddU7GXJ89xm0SNeu2ZXFxenGrb4_3fryB1ALUA8NOiY8x1MXhSYTdJ2PhvhZpH2SAKm145Grm83NCA-5QxSxOyFhH2wCUWPrVE2Nh_xaXJ1NDRV08q0Q-wzEyM4wIKkHLd1tygLy2dvEsVF9bcQt-le9HvIyL7Luw6MFNbgACRDq05Y-UqG6svxMC8Iv0W1ON0KvFj8ctRDZRENLCzardE_-8nuNSOwlX4BXrut64K1BSO3aEd0Ut1Aytkz-MUgZmEjxTCvfZXe9XLQ6O076OZUZRjDVhBH_XayJQGIOwbVBlMOULR3q04pik9C3MY6vFYvLrpAXXQ0lglYBKXSX4CdoU5GdGkwNUVlHShcYlyjmm1dBqxl_PLFT4UOrC_9nye39uiELeiE4SnZGpIHhD1xj_LhKSj3zelhhV89NrWRRiykWclD9yURJRZXmAW4PZOl3Lvpt_sc6PB9OnboxLPGRqRz3z0yj0QgO949Nv15rY4QWRqd1BLhV7j3Mcu05e7_qCBaQ7CxN3ZduO4ElEWzitS_UZYBq_citYl746uPE2H3l_4z9ELSgsIq-b-o1AUb742ITPH-gmzvzhsNs9eexKbS9BYSyGktM92eCjr506iyshX7NgFtTO2N2IeR-q04TSZpA6Z861KK5BpvebmEJZANfQ7cLUEbFE50Gd8ysukXXhpxCRPtW1XoCWfCs_fkT8UreUtkzy86H7YJlnEjbm&cid=CAQSPADICaaNZMwPlaKwgGBa7Ef7g2aKB0akHlAyX8Pf3W4Jdd_dMzrcADN6rdk6g7JJu44aWTIhJSwYGkfV8hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=5640411354713387000&adk=1877897943&idt=59&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
42703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:45:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F798 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ8QMmkiqjfQSw7KPpZiMEnwPcFqOwCosp3Gn9hIGFNR9mgbPAYEkfcl3aDjEo3tFDc0buIEUsso4Uw_i-Uric3obXEQ&cry=1&dbm_d=AKAmf-BqQ8uqvWFoC-tHqsZsQq12vrJk9iGYc_kSGuzOtJ7gprjzntOd-TPQHINSplW4eEKCzaWwdCA0tu_BcnoUy-NkxK5v5C_OTje1oTmAZOibFYRLHjZUvbL3tnDa2FFwxoWjC544MYA3Zj_5s2hMDOFwq7VdM9HdGKwsowLlK1Nm2we1DwKEDoMkBNLl9HFUQEArAzIQBAv_X6_wySiWGOCYcdEKR3oR5BtzBxIo0mWr6xPWXX6zuLFuKjzlGACJ2WoXlWCsv1QmKdQh7I3FRx0lOtU1vrz7DSL_IGqrXyivxOF19DiR7V3NAVRh4CLyaGaEGc5rQwgk4rZjqq9GZHM2kg7tRYODrtv9FK_u6iQ_Hg5cFm1wAx9nrNkq_pbP2V2ZUR9pF4UVoEP7-nFAP0ZnjMevqmhV_wQSPwfIkpYAQp1PpSZw30UhjKbsiBKo9sh2Vjvjse4E6EhMsu2vu0LlwsXpTlwqhS7kDHccA2ow-eDXHqCD6jcgiOLgAPq_TUQ7izO5vZDyTKk1mlfnrROI5KDDdNLs5uAyNEJpjP_tcrW3OyUm6GAqLkpvtUgHE1J1DaclJ5BZE4ShB3ybtsoxRr1La6azXaSTzM9aoNxOHXCEeUFemMEZiZcVBYJvy3oWA0Vyz98E-aUGxKDzlfCCo4as0v2aTc9xLyS6o7_c-Wd3CGBW44TWyqJgPHq2u3pV3hTHVW6CtByo7a4Y3IFYjhOpmxbsg_KJ4pzTuu5wnjcB6nrWtKWT8U49c1fhjr85mxwL5raa-7PWfOiHYEAitagOOpIvSoY0v6SQrk_PDruKkh6T3r4A4s9m7taqXBo8thx89giaIOJsOy4rYMxhU2KQ-3D6my2rsd0idTzLfP-DgrmbQrZ9qdgbZW5nmo3ktndneVk1nNNmUA4Tgebfb6z__rY1aRPe3RTxTY_sAA2u9ITwck9mRxpVjJJExmxHUC-O29FlJSXoXTP380nO28OPhS3UwgPYV0mlhShfQQZKhqmfql5GYp7PXllokz5ZB5aN3fm-epHdrGez_kxF3cZCk6tth0IoSQQrNuzf6GmKPs3KAm6KRMHiBh2fwQaumz6p6C-Wu25CxXgVQTa-1pztM0ETtSnpsT8_RsYavQ2Osd1w3ZO5X9Ea0wBfjSXuLjCECbniXnjJOC_iwe9HOR1qXvKUKWVoFXgh8xQJhZNhg-6nhI0EV4Lwg47CGswFErkoGCZT85aOfzx3uryqt8iaml6STdXiFXhMBTteFCokiEbV7UytQWoLKZQAGFMcIo8b-k5UkWvrYZ_Zkml5eYGmVnPfpvJrsVL1wnyON1fGTojYdJQ49PWgkZQLGjRwrCD5s5TRLk7yib9yrauNRnP8pKEqpaNFrKwXX_EV9jc4ncUSmFXIowrVbDBfD0qVU9FPTeKuPd4L-GrTDPriAQuAcxu5K70cAt4qn3UjLMtctCR4c7s3O22kjpQvUinz99WUzsViV6yB7GSTw9aMVSr4GyBQFZ18_znXyCg-1A8zyus1e3XL8-UCTMwDNObJ6Re_dXVGJ4QPlvKipkyM9kIoAPOAg0Bw6th2iQklF6xq4_eXKTYwf-KfKc7juBOIJpeL5KipdObKpf5-pTTiFvJ2IciinKpzbKcY2uAb2KGJYdigqJD73ukVFYDyyCO7Dh8YBm7x167flT5otXhsTp7e7NisMvF7mb-aJmih4EpHUPM9t_xNnwb3d9TzS7y-0Ot9vPwGhkkt3nx6aO9Qx3WKgA4iWnykNhupweOq72rqNGiSo3zevK5IcVyWiHaIm86m8V6Pb_5sj0ebii2D-6sQWyGtjajxMk69BAo58GocpkvjcCjFMQfETpGO1I03aPpbLB_N3N6yqdgQNu9iLYYvyc7IxpbFFVf0t9Mkda99xoCyUm7KVwCN2bhRj9OferOiZP48i-yrOY0bhPWrasjqkUv9_VHMordsHv2vYNm283_Gguktm-ewkSRpJftTUbtDCZrokV5SRf_tEGE7oXMWQI9UxQ4vKwR2oRcwJ3zWNANgSpWEnrfdCJtm_Q3-3IgQZftRFKCu7CMu1PP-uqKiFvABp6-omBnKlS_Sm4xtK8zgpf_YSCQoHpFrxH178ePMfMnZP-beNi12zwCa0nKLloZ6JRKyuT9yhErASyDK60pELcSakmI8hAj8jJqpvDyz0wQKmzeuBHf8CNwz0J_wU_6mGYk7hOsBVItLietxqLpdbV0x1LGHEp-2C6mmZf-fe24PBsDuJnL6xDq3lGLxkhKV0NuUBO1TmdqXibSspesX0irnISrHQ77IuhG0YmrNGk5ia2n-gtuLgXRQPyC4bNFS65JMoeQ1m0EkNSfEzgV9IZnrBV0aeLpKb_KM3YpnM1QYSHo1rtNKabbriOvxf3UZiBFkC4fBlOFuH281-0I3RLIksfhZKn0neG8yfJY5wBVNTp1XwRjRq4GyBZVfH55dVX12rBws9waA9iOFEPBA4fdyaFcrpyuiIpwGgjGNwH_2BMP3Cd6mDfIfuWgIpC1NiNw70d__iI1DGQgYe3qaksPl_1VR_d4YN3N67X2Y03z94SDnrNK_MlUSLE789KBdDh_NK6nbxC2_mJak7RE06-A5dLrHcf_bUIo5QH5CSh9JPt97KRBgicyOP8I09dU6t1DxXj4GvF-Qx-QIdJbg_LM0VROKK2GG6UnY4HuzsTt87u7wYSTMnl87-9tmWm4bivmB9HwoQgFQK2TdOOPeXZe3O4YmZmUcmKoeAYmwzyLwBKZCsOp6wcd6064roEq7WYhoUHXNQYWe30mhIZ17RTkg1hDeO7yhKyX8_Q7KUT2okuDH349xdzlG1y70PUN0gZcFRPFXgo2W5UQepBpcc-mMxuveVWEtJVBc_T073YDjiRVBPZTl0t7ReNX74xDMkfjuYxQETTpd06LoTIWnMgOMlejZ7ZXDke_o5HdF4lOIunPPuiRGvHOzb-IoCMYrg11piP4e_ssx0OxIioyJTbi4NBe_fb6zbDWg4cYENq_0MIMV75nuuP8MxuoPP1w6mnG71HPKwSY_gxEHY6g1hFOJuLmigYyGxUR4FfZyYc6z7IrRexcaoqH9qYi7tUMvgzcQs24Xh3t_qaBGq909hfjGm7v6qnUYpZagmhh7x_0RvdFjUmeJStDwi60fCt9SWMldnIih5EgKzxnVLtwcV_9iU6Zav9Gxhzm9YlxtEkVr97RgRuoabETBAIUgnpvozc3rIsCrlsMGJ2ZjcN5D1OWmiIr9oW6jfjr3vADCYIs8upJlk4jLWfzUWVuGtoNiFcPefTXzY3b1EF_ddU7GXJ89xm0SNeu2ZXFxenGrb4_3fryB1ALUA8NOiY8x1MXhSYTdJ2PhvhZpH2SAKm145Grm83NCA-5QxSxOyFhH2wCUWPrVE2Nh_xaXJ1NDRV08q0Q-wzEyM4wIKkHLd1tygLy2dvEsVF9bcQt-le9HvIyL7Luw6MFNbgACRDq05Y-UqG6svxMC8Iv0W1ON0KvFj8ctRDZRENLCzardE_-8nuNSOwlX4BXrut64K1BSO3aEd0Ut1Aytkz-MUgZmEjxTCvfZXe9XLQ6O076OZUZRjDVhBH_XayJQGIOwbVBlMOULR3q04pik9C3MY6vFYvLrpAXXQ0lglYBKXSX4CdoU5GdGkwNUVlHShcYlyjmm1dBqxl_PLFT4UOrC_9nye39uiELeiE4SnZGpIHhD1xj_LhKSj3zelhhV89NrWRRiykWclD9yURJRZXmAW4PZOl3Lvpt_sc6PB9OnboxLPGRqRz3z0yj0QgO949Nv15rY4QWRqd1BLhV7j3Mcu05e7_qCBaQ7CxN3ZduO4ElEWzitS_UZYBq_citYl746uPE2H3l_4z9ELSgsIq-b-o1AUb742ITPH-gmzvzhsNs9eexKbS9BYSyGktM92eCjr506iyshX7NgFtTO2N2IeR-q04TSZpA6Z861KK5BpvebmEJZANfQ7cLUEbFE50Gd8ysukXXhpxCRPtW1XoCWfCs_fkT8UreUtkzy86H7YJlnEjbm&cid=CAQSPADICaaNZMwPlaKwgGBa7Ef7g2aKB0akHlAyX8Pf3W4Jdd_dMzrcADN6rdk6g7JJu44aWTIhJSwYGkfV8hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=5640411354713387000&adk=1877897943&idt=59&cac=0&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
565816
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 12:26:28 GMT
6045086967824288774
s0.2mdn.net/simgad/ Frame F798 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6045086967824288774
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b99dde3004c675ba348579c244f91a68bcf8a65fe67153158c779124464ad06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:54:11 GMT
x-content-type-options
nosniff
age
124953
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130251
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 06:48:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Oct 2024 14:54:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1045 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
63679
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Thu, 05 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 6BE8 		577 B
500 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=undefined&cb=1696469804977&uv=3345&tms=1696469804977&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=cdf9c59d-3851-48aa-9066-dbc7feda40e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ad2df2d61d5d01ba21624eb8e3a0fa2b4de26c9ad72fe46af956c63815c9d7a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Oct 2023 01:36:44 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230021-FRA
x-timer
S1696469805.988194,VS0,VE9
sync
am-match.taboola.com/ Frame 1E69 		422 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
703d63ef45f72472939b1aa31f1a8c4b3ac84bcb6ef2c2b8378669b04e0e6130

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Oct 2023 01:36:45 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696469804985&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=-644208828&tz=120&viewable=true&ddast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!u2822_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1460
x-cache
MISS
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1696469805.002102,VS0,VE43
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=31589837&cb=1696469804975&uv=3345&tms=1696469804975&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696469799269.5!ts:1696469804975&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-length
0
server
nginx
teads-format.min.js
a.teads.tv/media/format/v3/ Frame C66C 		599 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf60c420f471d7669d58a6ba6a89828bbc2a7b1abc1d0a3d72421fcde3101a07

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
br
last-modified
Mon, 02 Oct 2023 14:04:04 GMT
x-amz-request-id
FR86YGA8SWXQV8R7
etag
"df6b85588f38a0f4e3113fd3b3cbaae5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
5
accept-ranges
bytes
content-length
133870
x-amz-id-2
bVSEZrisIT3kgThOBMDYyFu+c7mD5V8SZN9i+a+45PhATl7FAv+baW4uB9V+Q7zt+bBh0Ic+vaA=
expires
Thu, 05 Oct 2023 02:06:45 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ Frame F781 		599 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf60c420f471d7669d58a6ba6a89828bbc2a7b1abc1d0a3d72421fcde3101a07

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
br
last-modified
Mon, 02 Oct 2023 14:04:04 GMT
x-amz-request-id
FR86YGA8SWXQV8R7
etag
"df6b85588f38a0f4e3113fd3b3cbaae5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
5
accept-ranges
bytes
content-length
133870
x-amz-id-2
bVSEZrisIT3kgThOBMDYyFu+c7mD5V8SZN9i+a+45PhATl7FAv+baW4uB9V+Q7zt+bBh0Ic+vaA=
expires
Thu, 05 Oct 2023 02:06:45 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309181453000/ Frame 18F4 		223 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 22:17:54 GMT
age
11931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62203
x-xss-protection
0
server
sffe
etag
"59b685ca39a652ba"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Oct 2024 22:17:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 18F4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
203116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"38a16d64b8e81628"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 18F4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 00:09:37 GMT
age
5228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29033
x-xss-protection
0
server
sffe
etag
"ac3d68f1a1bd2015"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 00:09:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 18F4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
203116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1919
x-xss-protection
0
server
sffe
etag
"93680ba5e670b6a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 18F4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
203116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12946
x-xss-protection
0
server
sffe
etag
"6bacf375b2677883"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
css
fonts.googleapis.com/ Frame 18F4 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 23:52:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:36:45 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18F4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 17:51:21 GMT
x-content-type-options
nosniff
server
cafe
age
27924
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Thu, 05 Oct 2023 17:51:21 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18F4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
46053
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 05 Oct 2023 12:49:12 GMT
l
www.google.com/ads/measurement/ Frame 18F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjbYc5sTq68N8E3rzgGUldMZb2SsX4QXCs91txYH67NtF0nLH0JEG1P-7s2gmL44Aasjb9lvxWrqyVNGIkgC3X4eqGug
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame C66C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd97b1cb106742243d5ad855f584be2c3179521cfc8a8dbaab27f33b48a5adb9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
6592766407814317453
tpc.googlesyndication.com/simgad/15259664494826390158/ Frame 18F4 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15259664494826390158/6592766407814317453
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ada8d2e2c4841a05242e249f31b0f8753b1c568cb116e29fa8ffb0b95e128cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 08:12:20 GMT
x-content-type-options
nosniff
age
235465
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28647
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 16:02:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 01 Oct 2024 08:12:20 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9795232193673121008/ Frame 18F4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9795232193673121008/14763004658117789537?w=100&h=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5126ae213c7549764203ac8959a8671dd289eaec5aa2b5f3731e6f237201eec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:58:57 GMT
x-content-type-options
nosniff
age
419868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1367
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 15:51:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Sep 2024 04:58:57 GMT
truncated
/ Frame 18F4 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
929d35de31238ff5d8ae3ce3deee0e2f78cb0d92f3c3075b6806c71763fcec92

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 876F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:36:45 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6BE8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=undefined&cb=1696469804977&uv=3345&tms=1696469804977&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=cdf9c59d-3851-48aa-9066-dbc7feda40e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6BE8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=undefined&cb=1696469804977&uv=3345&tms=1696469804977&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=cdf9c59d-3851-48aa-9066-dbc7feda40e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:66f9:a65a:1e1c:e51e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixel
cm.g.doubleclick.net/ Frame 1045
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDSk9nUQlrDviJ6FS6B1SEA&google_cver=1&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNomrT4jFz1Fe_SP
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=046A5B4EA1F84E47838D8022044A18BE&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=046A5B4EA1F84E47838D8022044A18BE&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNomrT4jFz1Fe_SP
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=046A5B4EA1F84E47838D8022044A18BE&google_push=AXcoOmRcxmUZdOTX-8sl-mkumN7dOwQzBJxM4YrsRKlmKrp79EDn0HmeiHs8WGDNAQUEeeqX3C3JlzqE1V85UNomrT4jFz1Fe_SP
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 04 Oct 2023 01:36:45 GMT
pixel
cm.g.doubleclick.net/ Frame 1045
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIpJ8bCkBHSyb2t32mzqBUQ&google_cver=1&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQAlR9vteWUZOijCS
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RXhRWEdReUdDUU9lSVNXckxoTWVaUQ%3D%3D&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RXhRWEdReUdDUU9lSVNXckxoTWVaUQ%3D%3D&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQAlR9vteWUZOijCS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:36:46 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RXhRWEdReUdDUU9lSVNXckxoTWVaUQ%3D%3D&google_push=AXcoOmSvkbVbIDotvWRGMNo9BXzpwRYzyG9hbk8J8T51CV3l5_cGtqV7sUqZeSqF6UU11azuUVxLthYy9-EJQAlR9vteWUZOijCS
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
usersync.aspx
dis.criteo.com/dis/ Frame 1045 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS3pGLyU8VfME7UaenVfVLm5deXdf6iOk3a-r-0UjhT1vt-hvLI21VjrLwnNev6wd0MJX9Hgb-jAdw7g8xRk49kFcCCMGA&google_gid=CAESEA_B3JFZRfZVJl0vqyc1cGU&google_cver=1
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
248073
expires
Thu, 05 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1045
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBX9Y8UstqJX3T_iF28XVSM&google_cver=1&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBX9Y8UstqJX3T_iF28XVSM&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90&google_hm=aEUxWWlGYXVtdUxUNVNpW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90&google_hm=aEUxWWlGYXVtdUxUNVNpWFNxdVE=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS2UqYkPzXgmO3kBPI4uXLw1gg4Te-DaR0b2LdVV_Y41jk4Z-7NRNZQn7v8I-r7hSS13DXi-CewhZKk4ysA4zAX2wq8u90&google_hm=aEUxWWlGYXVtdUxUNVNpWFNxdVE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 1045
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPP-7D7_LpCZRk3XXGvE1C8&google_cver=1&google_push=AXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6ZsbdeIvKO-jP36Z7KeYvqSKTJHZQOhNwFMPK3FplRtekQPfqtbaY-7g
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6Z...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6ZsbdeIvKO-jP36Z7KeYvqSKTJHZQOhNwFMPK3FplRtekQPfqtbaY-7g
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmREBoKGLhH7E6msXxa1QVUkBSZ9EaMmYbMaCQFifa6ZsbdeIvKO-jP36Z7KeYvqSKTJHZQOhNwFMPK3FplRtekQPfqtbaY-7g
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
spacer.gif
an.yandex.ru/resource/ Frame 1045
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEHQa-H6WB45MF1Ar3xPISrw?ext-param=AXcoOmTS-5Dyh5kCDcEcz7O74wPY8rVIbDB6MfVUU8TZVnQA02jMP2fNrs6NoX8yPr-iNKwh_iEPDzFW2wJOdLlGVMSDYPTb6j3ukg&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEHQa-H6WB45MF1Ar3xPISrw?redir-setuniq=1&ext-param=AXcoOmTS-5Dyh5kCDcEcz7O74wPY8rVIbDB6MfVUU8TZVnQA02jMP2fNrs6NoX8yPr-iNKwh_iEPDzFW2wJOdLlGVMSDYPTb6j3ukg&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHQa-H6WB45MF1Ar3xPISrw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 19 Sep 2024 01:36:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 1045
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAn85V1SXTjm...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4&google_push=AXcoOmQm3EZpebZXTjOsht9H1PbpqhOLHcFieS38SOYWQbMwzpXinRvsaE6g27SX5-lRD...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:36:45 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1045 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWUAKwzPHdaqtUQD-tedgNm1Iq997YHR7YJFeUtHj-JGBpfJSguSM7jbU1KUUhlwVWJwNpI3PI
Requested by
Host: ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
URL: https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_5/infra/ 		882 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324689
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Z3HN305F4BYJJD72
age
145000
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324690
x-amz-meta-mode
33188
content-length
147342
x-amz-id-2
0458jpKlcHtyqmxP5zkJMjfcV3ZVfGwp4x9iL6YNqXh4iLFA2v1piYXjQhXHkAVtDJq36H9KyRE=
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 03 Oct 2023 09:18:11 GMT
server
AmazonS3-br
x-timer
S1696469805.136417,VS0,VE0
etag
"506fa4da9ad74d978d49cd3219439d0e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
66792
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_5/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324708
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AAB07MP3Z0BRKB90
age
145004
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324709
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
5zlPQrxkHXYPWMBB+EHlzkEfvuhsb1WuCuNJYZ/zDtQvkzfgK1ihN8wqrUFlyz8QYKidyM+16Xk=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Tue, 03 Oct 2023 09:18:30 GMT
server
AmazonS3-br
x-timer
S1696469805.136256,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
103730
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 18F4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:26:25 GMT
x-content-type-options
nosniff
age
173420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 01:26:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 18F4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 16:50:19 GMT
x-content-type-options
nosniff
age
31586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Oct 2024 16:50:19 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Oct 2023 02:36:45 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame 38A6 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
16471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 21:02:14 GMT
expires
Thu, 03 Oct 2024 21:02:14 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 01:36:45 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AC2C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Oct 2023 02:16:40 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=TmJf7x10JGg5Pa2QQOAaM6SbpmUOmU0TCIgJsR07ug49phIwVLZi5ONH09Q0F21in2ZBXCS5pb1v9gmiafDPKwJOf6WbufIjDjZKzsw6sxj8tO%2BbRKIBFEww0vmYiB6hnzpL4HjGdo6W3n5ICJu86ZxYqd7by242tSyysDKgMh%2Fa7MSA171U4x1m0RZ7uS1T8j8zXwN3I16NpDA2TRTcyUTO6YBaz%2FJXkXtZpnVoQd4H%2FSCUrnAMdfe3EEgr%2B7wLThubBsU1dWPp2fvLF%2BYH%2BTFelFmPmq6R3N5GVRAl3q6%2BwJcfl03wtTgC2nFrQVmY0GN8oTyNZ8ywwASEgercv7L%2FjuRNB7%2BHq%2BFmrTP4bgw0ziS34jUkKQQvAOYVlJsxy7SJcmELzlVl6Jk4w5zVGoKlXpL7F5b%2FUu28seqVEbL80q4yRWJLIlH1nKM%2FjHUDNw2kVQ54dN4xjFS2U2MYMlkxa6oAbNc5VNlTyLk2qI0g5Zs8Fn4KJ6x9j0KWHQqzEFocal1yqI5Y%2Bv78OMPXkncBQTiMVJ4WRlRfM9opXgIK%2Bh%2B0Cr7bzxupzT%2Bcckv%2F
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
901c447116f25250f4ec32a1d5bbd520c61f036a4bd1050d6efb280cf474efba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91588
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Oct 2023 01:36:45 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1E69 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1E69
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29920

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
content-length
0
sync
x.bidswitch.net/ Frame 1E69 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 6660 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=undefined&cb=1696469804977&uv=3345&tms=1696469804977&abt=nonrv_vA!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=cdf9c59d-3851-48aa-9066-dbc7feda40e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 01:36:45 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
480_650.mp4
cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/ 		564 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 05 Oct 2023 01:36:45 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1A62 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
565817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 12:26:28 GMT
expires
Fri, 27 Sep 2024 12:26:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&pfid=72&env=js-web&ut=1&cid=1124771&gid=1057749&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=Xa00FVA0EN3Kbc42QY5NcK5p&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1057749&dsp_creative_id=1124771&fms=9&p=VsDfm4A5Rxe_FrSYA5btTm8SNox3Er9BEXt9VZa0zDEtfQ&cts=1696469803763&cs=-675963125234160024705&1696469803763&slot=native&hb_w=300&hb_h=250&fv=1263&ts=1696469805387&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
sync.teads.tv/ Frame C08A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
bf8634bb0d371728e4201aae0128205805d985c97320190a9fd6f65687b11d90

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
720
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:45 GMT
expires
Thu, 05 Oct 2023 01:36:45 GMT
pragma
no-cache
server
akka-http/10.2.10
vary
Accept-Encoding
nurl
a.teads.tv/be-ms/ Frame C66C 		36 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiCj00Qo1cdAMpQBCQAAAABgvWM_IZqZmZmZmek_KJ36pN0HMmEqFAoQCNLTRhIDVVNEGgVzdGFydBgBOiMKAmF1GIC1GCIDVVNEKgppbXByZXNzaW9uMJS-vgE4lL6-AUIkCgJ0cxIFMTAyMjMaEwgAEgNVU0QaCmltcHJlc3Npb24iAmF1OO674AFYBWDuu-ABcMqSpgJ4qM3wApgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFIkgFaCAUQ9AUYxU8g1I0WKgQxNDM3MP___________wE6BHdpZmlCD20yNDcgZXVyb3BlIHNybEoBP1INZXVyb3BlL3p1cmljaFoJc3VzY8OpdmF6YgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBA7gBzzfCAQZwcmViaWTgAQH6ATMSLwoWCOqKhcekgvbmqgEQ2Ia4usaN4bagARIVCIWP_d329-OQVxDhgda5hZjLhqkBGACAAr3F6-uvMYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIZChUI75-x4oPOrrgVELjUsendjL3ptwEgANgCAOACAPECAAAAAAAA8D_4AgGAAwCiA2xodHRwczovL3d3dy5iZzMuY28vYS94aS1qaWEtem9uZy1oZS1odWFuZy1tYS14aW4tbmlhbi1zaG91LXpoYW4tc2hpLWxpLWJhLXNhLWtlLWNoYW5nLXlpLXFpdS14aWFvLXNoZW5nLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAPIDDzE5NS4yMDYuMTA1LjEzMoAEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=vhc83oaB_HTU15IDk0Tc79cGfRsrAqSdJedPEUdpOlkwRg&psid=415253&checksum=-23199956
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cd09dc06f91652b178d12d60fff682c15494d15299a3dc596c8b42410ad0d63

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
36403
expires
Thu, 05 Oct 2023 01:36:45 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pageId=154680&pid=169092&hb_provider=prebid&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&fv=1263&ts=1696469805395&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&pfid=72&env=js-web&ut=1&cid=1124771&gid=1057749&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=Sq9A5V8QiuLe4hOdzdjcWNRx&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1057749&dsp_creative_id=1124771&fms=9&p=8rdf6U4qXeRWJN63lCuE0IG34Obrqf33rizWknZu4EUCTw&cts=1696469803735&cs=-822505904080707514405&1696469803735&slot=native&hb_w=300&hb_h=250&fv=1263&ts=1696469805461&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
sync.teads.tv/ Frame C79F 		1 KB
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
3c9a309866560888fa3532703173649000953b858596b3f7708bc3c376cb63f4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
552
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:45 GMT
expires
Thu, 05 Oct 2023 01:36:45 GMT
pragma
no-cache
server
akka-http/10.2.10
vary
Accept-Encoding
nurl
a.teads.tv/be-ms/ Frame F781 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiCj00Qo1cdAMpQBCQAAAABgvWM_IZqZmZmZmek_KJ36pN0HMmEqFAoQCNLTRhIDVVNEGgVzdGFydBgBOiMKAmF1GIC1GCIDVVNEKgppbXByZXNzaW9uMJS-vgE4lL6-AUIkCgJ0cxIFMTAyMjMaEwgAEgNVU0QaCmltcHJlc3Npb24iAmF1OO674AFYBWDuu-ABcMqSpgJ4qM3wApgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFIkgFaCAUQ9AUYxU8g1I0WKgQxNDM3MP___________wE6BHdpZmlCD20yNDcgZXVyb3BlIHNybEoBP1INZXVyb3BlL3p1cmljaFoJc3VzY8OpdmF6YgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBA7gBzzfCAQZwcmViaWTgAQH6ATMSLwoWCOqKhcekgvbmqgEQ2Ia4usaN4bagARIVCK6drZ3o792iARDBnMzn2oOvj4UBGACAAqvF6-uvMYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIZChUI75-x4oPOrrgVELjUsendjL3ptwEgANgCAOACAPECAAAAAAAA8D_4AgGAAwCiA2xodHRwczovL3d3dy5iZzMuY28vYS94aS1qaWEtem9uZy1oZS1odWFuZy1tYS14aW4tbmlhbi1zaG91LXpoYW4tc2hpLWxpLWJhLXNhLWtlLWNoYW5nLXlpLXFpdS14aWFvLXNoZW5nLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAPIDDzE5NS4yMDYuMTA1LjEzMoAEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=HlbBqOfu-n9ZAd4plIIDWzvyIvt6U6FMVASbba2YSMh1AA&psid=415253&checksum=218007603
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29d14696688c8e6685b06e7fc9b81ec52c922b5313358565165f3d42f941db3b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
29122
expires
Thu, 05 Oct 2023 01:36:45 GMT
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pageId=154680&pid=169092&hb_provider=prebid&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&fv=1263&ts=1696469805464&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 6660 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 00:24:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82134
Connection
keep-alive
Content-Length
10463
Expires
Fri, 06 Oct 2023 00:25:39 GMT
ysm_bg3.js
ad.sitemaji.com/ Frame EA6F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
etag
W/"64993011-7b8f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 01:36:45 GMT
pixel
cm.g.doubleclick.net/ Frame C08A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 05 Oct 2023 01:36:45 GMT
generic
match.adsrvr.org/track/cmf/ Frame C08A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame C08A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696469805420
  • https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:36:46 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
852744
content-length
0
expires
Thu, 05 Oct 2023 00:00:00 GMT
um
sync.teads.tv/ Frame C08A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/1570ba70-3c4c-4fef-b7d2-f465dd2c6a38?gdpr=0&gdpr_consent=&_t=1696469805420
  • https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:36:46 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
content-length
0
/
loadm.exelator.com/load/ Frame C08A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_eu_ch&gdpr_consent=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame C08A 		62 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_eu_ch&limit=1&gdpr_consent=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 05 Oct 2023 01:36:46 GMT
content-length
62
content-type
image/gif
474599.gif
idsync.rlcdn.com/ Frame C08A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/474599.gif?partner_uid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_ch&cv=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.pixel
aa.agkn.com/adscores/ Frame C08A 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_ch&_tid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gdpr_consent=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.25.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame C08A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_ch&gdpr_consent=&_t=1696469805420
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=67 t=1696469806
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame C08A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805391
Protocol
H2
Server
34.253.57.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-57-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 01:36:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Thu, 05 Oct 2023 01:36:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4C0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
33095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0653 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60f7936eace3195791445ce6d7340149cbeea4b73c404813ebb49521949ebfc2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_YFnRCNhotKqULXHUKjTqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_YFnRCNhotKqULXHUKjTqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:45 GMT
expires
Thu, 05 Oct 2023 01:36:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1fb1bc80-56e7-11ee-a34a-f15bea477743
s8t.teads.tv/vast/ Frame C66C 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vast/1fb1bc80-56e7-11ee-a34a-f15bea477743
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
6f0e52c2272c85e5dc7d7b69b955c09d8b98f6de7e5c9cf592ff7d22f30c54af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"8ec-guXkRoQbxYyu1Ftea9IQm7AOYd0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
1035
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1624411
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696469806.722641,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
24532
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 		465 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696237416
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2EK0MFKQJ582WGF5
age
232320
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696237429
x-amz-meta-mode
33188
content-length
89004
x-amz-id-2
uWnSXRPNxYC47yYqArglm/Yl1WFzirwr1h4h6dCkk/tO4FFf9RUbOHfsYVNsTCpw+wNcNXoFYxA=
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Mon, 02 Oct 2023 09:03:50 GMT
server
AmazonS3-br
x-timer
S1696469806.747400,VS0,VE0
etag
"585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
209634
sync
am-match.taboola.com/ Frame 97CE 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c7ac3185014dbe0b6bdaa25b73123c58b84cb1dc644a2a5ef3366a61102fa07b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Oct 2023 01:36:46 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&cmcv=&pix=31579697&cb=1696469805742&uv=3345&tms=1696469805742&su=3&abt=nonrv_vA!u2822_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-length
0
server
nginx
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18F4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 17:51:21 GMT
x-content-type-options
nosniff
server
cafe
age
27924
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Thu, 05 Oct 2023 17:51:21 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18F4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
46053
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 05 Oct 2023 12:49:12 GMT
pixel
cm.g.doubleclick.net/ Frame C79F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTU3MGJhNzAtM2M0Yy00ZmVmLWI3ZDItZjQ2NWRkMmM2YTM4
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 05 Oct 2023 01:36:45 GMT
generic
match.adsrvr.org/track/cmf/ Frame C79F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1696469805489
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame C79F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696469805489
  • https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:36:46 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=54ba79e3-00e4-421c-9c22-df79652b4727&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
645273
content-length
0
expires
Thu, 05 Oct 2023 00:00:00 GMT
um
sync.teads.tv/ Frame C79F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/1570ba70-3c4c-4fef-b7d2-f465dd2c6a38?gdpr=0&gdpr_consent=&_t=1696469805489
  • https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:36:46 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 05 Oct 2023 01:36:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-4gdDVzZE2oRr_hlxH1WTDM0ftb3.6lf02wQ-~A
content-length
0
usersync
sync.springserve.com/ Frame C79F
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&1696469805462
Protocol
H2
Server
34.253.57.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-57-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 01:36:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Thu, 05 Oct 2023 01:36:45 GMT
1fb1bc80-56e7-11ee-a34a-f15bea477743
s8t.teads.tv/vast/ Frame F781 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vast/1fb1bc80-56e7-11ee-a34a-f15bea477743
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
6f0e52c2272c85e5dc7d7b69b955c09d8b98f6de7e5c9cf592ff7d22f30c54af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"8ec-guXkRoQbxYyu1Ftea9IQm7AOYd0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
1035
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
11344
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696469806.798871,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
95
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1127
truncated
/ Frame B630 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-single-video
s8t.teads.tv/vpaid-builder/ Frame 60D7 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
ff17b8630719315504de11eb21395948b10ae7bcf47c361f27bdce55472eb763

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"186b4-ax20487VnByVUn0F1fyPANCT7es"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=435
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
28544
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 05 Oct 2023 01:36:45 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1287739
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696469806.862824,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
94924
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a20&_p=760036858&cid=1774176298.1696469803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696469805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=%E8%A5%BF%E7%94%B2%E7%B6%9C%E5%90%88%EF%BC%9A%E7%9A%87%E9%A6%AC%E6%96%B0%E5%B9%B4%E9%A6%96%E6%88%B0%E5%A4%B1%E5%88%A9%C2%A0%E5%B7%B4%E8%96%A9%E5%AE%A2%E5%A0%B4%E4%B8%80%E7%90%83%E5%B0%8F%E5%8B%9D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 6660 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 06:17:50 GMT
x-content-type-options
nosniff
age
415135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:55:47 GMT
x-content-type-options
nosniff
age
420058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/ 		148 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 05 Oct 2023 01:36:46 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:36:46 GMT
GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
pagead2.googlesyndication.com/bg/ Frame 1A62 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
162677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14584
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:25:29 GMT
480_650.mp4
cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/ 		238 KB
239 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16646144-

Response headers

Date
Thu, 05 Oct 2023 01:36:46 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16646144-16890123/16890124
Connection
keep-alive
Content-Length
243980
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame EA6F
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUJSpk6MCiHY8hL3339ow9oOH1gf32kHMuk5zoVWXnNeglHC%2BWBO6tdYO3cvsXKO0%2BD8Vn42b2%2FqAJqEwWZxt%2F4BUUDaNVOcIxGsOSkvsKdRELUlbbzNM9fwkHnfuTF2H6zbUtRygP74aQdchg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8111ef84df2f2c26-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
NEVgsDQun4b1vJc5FDH5S8iwy5VrD79A7GiCc%2Bs70rbQJ%2FLJ8uLX4hOaJitrlYPUq3BzuhnKHtW3EBqo8NWnBcl0nI2CdTLdNdAn7yc6TBw18JNTwgYpS9XlXlaR0GTbycNnO6k9Eft4HqgIqq2JNUC54KklX%2FjL71UbLcRlaX21SCANxqX%2FXD451LlDb...
ad.vidverto.io/delivery/video/pod/ Frame 38A6 		45 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/NEVgsDQun4b1vJc5FDH5S8iwy5VrD79A7GiCc%2Bs70rbQJ%2FLJ8uLX4hOaJitrlYPUq3BzuhnKHtW3EBqo8NWnBcl0nI2CdTLdNdAn7yc6TBw18JNTwgYpS9XlXlaR0GTbycNnO6k9Eft4HqgIqq2JNUC54KklX%2FjL71UbLcRlaX21SCANxqX%2FXD451LlDbmaCRonmriccaqzDnsx4FkryEycKDtm%2Bq6qU3sleHRDu9uTwncG7o7ZK8crbZcYgHdHpwU0aVXGe2i9%2FUCAB2q5JujJ2Qaezto5M70Hgvhnulr81y8tuZea6StpaGLDZFcI3O%2Bydk2WvWUTyrUv7wx%2FoA6wapjl1ivLmwj2pz39SEg%2BUPAHIBIvda11TKyQQYyCFj0ziuChvh1CZR59ZpC6s0Xup%2B%2Bu7x1d1uP%2B17MCSbUKpoEUqf7n%2BVmrNpnVsOczehvqfI6cG0NcEZtew7OZ5TO5k%2FNutJ6%2FAEcH9LAfa0LbuEK%2BLytKVJuPi0opDwmdj7TfJ03Komg8tiZGgVfTVuxJJ7cKffyCjgQJvMTMgX3v8omlm6FECm5Wk1E3RRwevvVI2kNU6H4BHQkBK%2BcE0hw8GVK4DJFn3T2XgPwSXJuSKc%2FsADhbKbYrLrdfdn%2BY%2BtsagCl3QXpIfIEAc55VvVDoutjrXTOTjFDFn7c4UoMxxy6sUehZ%2BM4VrnrE2AYbUtioKpS2OLIxDn8j0TmTl3rpFqCh%2FJ%2FXWcvMH8pKlFlk%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1543eba9f5b814bcedf0b5451b4cc4f426384f817fe2e48832aebc1c8057208

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 97CE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 97CE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29914

Redirect headers

date
Thu, 05 Oct 2023 01:36:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-S4PWZY5E2oQlPG4sqQPjvZwwpdMJGY3jQYOD0w--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 97CE 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame 748B 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-single-video
s8t.teads.tv/vpaid-builder/ Frame 9407 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
ff17b8630719315504de11eb21395948b10ae7bcf47c361f27bdce55472eb763

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"186b4-ax20487VnByVUn0F1fyPANCT7es"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=4757
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
28544
csi
csi.gstatic.com/ Frame 38A6 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lncibjl1&c=7029444888328&slotId=3514722444164&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 18F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvJCpLBMeZdz7H-mA7_UPvbC3oAOHovy8cMGZ86rWEdzZHhABILqEwDNg9ZXOgeAEoAGt25DCA8gBCakCYFwDHvNKsj7gAgCoAwHIAwqqBPsCT9Ap2b1Di87JX9SbFunYrK4erNYbu-0FpVVaPGQqIal7Yt8MaCyYNdNrL5BXSiVbS7QFHYn0lGKiO-FoMC0rBHX70ByoMu4js1yUQjJsr6lArLAKdM84-fqJp4hsOI3hdIssCcSByf03FwGaGbzX6vsFnPjazW8ur3YfslSyKY4ny-REwFi-SceoxvAy8ouZfS6sfWs1_aE6ssdvlaXAENKy9sQyA_TgFT4bHOKDE_7TEbnsOwY9W5OsNkab0tFokV3tkIFTETeaj4zHsnmLjHroupp_UfbnLGnmyEHW3MmJGysO6W0b5URw4ypOxj9UdqSAWSwwAhN5LOoYF8_bwG6IIykA6YaeqUVxl4xJChLpRfk94rOZE3MPqEJLDGvlgj8rMH8r9Je-Ajf0REuQWpr2XnTdu15s0gVemE8u6YhzSamdxKkCfYcd7mg9Ad39ivgBo3efIDhT8c6PCqLeqRDuhKQsz4-hsQPT7skx4T_KF5jEY5SUuME7VsAE2rbjla4E4AQBiAWF1JbBRaAGLoAHu6TvPagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP33DNIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmglSaHR0cHM6Ly93d3cuYXV0b2xpbmEuY2gvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1yZW1hcmtldGluZ4AKA8gLAdoMEQoLELCv_J3E9IGFqQESAgED4g0TCLugusDi3YEDFWnAuwgdPdgNNLgT5APYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=Xe65MdqWrt0&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNY_IGdid92FnmBBfTYt1kEWzEHqIY4YUbNar4_xRFeGCPqcJVXxRjktTQrUEcQ4LW0AUh1o9QJxgB&template_id=484&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0653 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=1768259464940280&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pageId=154680&pid=169092&hb_provider=prebid&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&gid=1057749&sid=174681&fv=1263&ts=1696469806380&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:36:46 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 38A6 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806419&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 38A6 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806422&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 38A6 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame 38A6 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&cust_params=mt_fln%3D1.8&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806426&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 38A6 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806435&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 38A6 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&cust_params=mt_fln%3D1.3&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806437&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 38A6 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2710764914084440&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=87FE6835-3D5B-4772-9DA6-7DE6249051FF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469806440&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=3484615556133663&ged=ve4_td5_tt0_pd5_la5000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame C4C0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
19926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
logo.high.jpg
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 60D7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/logo.high.jpg?aeed162e3b9421ad9a168aee037c68d4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
67646f6c32dc90f5422ab184ad1e600bb6327c5ef96a34503136ce0c202ef638

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
x-amz-request-id
ZF14CDZHJ5EX45FJ
x-amz-server-side-encryption
AES256
content-length
2073
x-amz-id-2
SlIPTWIaKYFhvAj9tQ0fvswOlxkeXmSLXW2IjWyibiEGuwg9eAdP+n+uN1zbDHRCbcDi63F7rts=
last-modified
Tue, 19 Sep 2023 12:23:33 GMT
server
AmazonS3
etag
"c9df9daed6d005a7a0cf799ed39df622"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:26 GMT
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pageId=154680&pid=169092&hb_provider=prebid&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&gid=1057749&sid=174681&fv=1263&ts=1696469806576&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame C66C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiDrI3oobwwgWAFxMa3cBjGfHw-eWcUqEa2Ylpo0AmwjY0dnTCplOSzyvh6HExBul-PDv7m3sMsvkSSaPRtCsgpTAeh1GybefN_nUdGL0WTdbeZWwIeYfZg0eyWR3lNw_ux24YqaLSA7JNEwkC5-DJkI4vXe826KtHWE5oIMXpEV0Z576xVfhCfYguDsMeZJE0UlTlMzip-svw9REQ7NXXlar6YAzMk7Wal-ODvCvyszzCRkUNA-4yVhpg-GP2hp-8Rcb6ao4NTKC4CzlW_5QDo-NnUjn3r4-TcymC3Yl0YZckpeT0xGlk_2mPShDyYy-Y1wE&sai=AMfl-YRKDiJTSEfdQZK3t7q0a9yNxRUtyYhMYP25uREN5dJ-Jo0VUV6QTglvU-kvF4nuc0E2k3sRkOnJK7ZXuXp2VUZPekpzJmewsdYUZzhibw22S8_wBQApQneWF1qMfdE&sig=Cg0ArKJSzF7txZY_Ot7hEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:46 GMT
video.high.mp4
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 60D7 		444 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/video.high.mp4?1bce3b376a8379593c68d20030ca704c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
x-amz-request-id
D1TYSRT1C3FBVV1Y
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-1648781/1648782
Content-Length
1648782
x-amz-id-2
JCcI0U5pBdBLUTbR1lwKvq4/ANLixWLQXtzPKJ4lHMbPzCYGDqxLGrLjTMYuwehOQp/QaFmVPIA=
last-modified
Tue, 19 Sep 2023 12:24:08 GMT
server
AmazonS3
etag
"efeca5fc91761272ff97f20cae9653db"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:26 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-web&pageId=154680&pid=169092&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1263&ts=1696469806736&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
logo.high.jpg
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 9407 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/logo.high.jpg?aeed162e3b9421ad9a168aee037c68d4
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
67646f6c32dc90f5422ab184ad1e600bb6327c5ef96a34503136ce0c202ef638

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
x-amz-request-id
ZF14CDZHJ5EX45FJ
x-amz-server-side-encryption
AES256
content-length
2073
x-amz-id-2
SlIPTWIaKYFhvAj9tQ0fvswOlxkeXmSLXW2IjWyibiEGuwg9eAdP+n+uN1zbDHRCbcDi63F7rts=
last-modified
Tue, 19 Sep 2023 12:23:33 GMT
server
AmazonS3
etag
"c9df9daed6d005a7a0cf799ed39df622"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:26 GMT
csi
csi.gstatic.com/ Frame 38A6 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lncibk6r&c=7029444888328&slotId=3514722444164&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793965%2C44797965%2C44801604&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 38A6 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lncibkkz&c=7029444888328&slotId=3514722444164&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-web&pageId=154680&pid=169092&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&slot=native&pfid=72&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1263&ts=1696469806864&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
video.high.mp4
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 9407 		619 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/video.high.mp4?1bce3b376a8379593c68d20030ca704c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
x-amz-request-id
D1TYSRT1C3FBVV1Y
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-1648781/1648782
Content-Length
1648782
x-amz-id-2
JCcI0U5pBdBLUTbR1lwKvq4/ANLixWLQXtzPKJ4lHMbPzCYGDqxLGrLjTMYuwehOQp/QaFmVPIA=
last-modified
Tue, 19 Sep 2023 12:24:08 GMT
server
AmazonS3
etag
"efeca5fc91761272ff97f20cae9653db"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:26 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:46 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame F798 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4878009912779&version=m202309260101&ct=76&x=1&cor=5640411354713387000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 38A6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lncibkl7&c=7029444888328&slotId=3514722444164&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
frontend
s8t.teads.tv/logs/studio/ Frame 60D7 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 38A6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Oct 2023 01:36:47 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
219440
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
205744
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
b3300219696003daae85f622c7ae10a5fe7e9dc5c892768a54c9db3368d8166b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 04 Nov 2023 01:36:47 GMT
/
csync.smilewanted.com/ Frame 3C4B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef881931921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:47 GMT
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 5EAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 05 Oct 2023 01:36:47 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync
eb2.3lift.com/ Frame 092A 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:47 GMT
/
onetag-sys.com/usync/ Frame 439E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696469803837
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
adpushup-d.openx.net/w/1.0/ Frame DB2D
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
193ef47cd0db844399e47c22ebb46ff4b9750620b6c0ef2fb5f7f3dc4ba25f35

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Thu, 05 Oct 2023 01:36:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 05 Oct 2023 01:36:47 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame AF0E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Oct 2023 01:36:47 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Oct 2023 01:36:49 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame 4090 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 01:36:47 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 62FC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
54921
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 04 Oct 2023 10:21:27 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id
Jl2n010gWlrn3ROivxNpyT_tskkZkCAwAA52H9bX3V0vDCP1qlUVjg==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 04D2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
31
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8111ef89984923af-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:47 GMT
expires
Thu, 05 Oct 2023 05:36:47 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 65F5 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:47 GMT
expires
Sat, 07 Oct 2023 01:36:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame 397D 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
16473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 21:02:14 GMT
expires
Thu, 03 Oct 2024 21:02:14 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FC63 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Oct 2023 02:16:40 GMT
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame 787C 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
16473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 21:02:14 GMT
expires
Thu, 03 Oct 2024 21:02:14 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 67C8 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Oct 2023 02:16:40 GMT
usync.js
eus.rubiconproject.com/ Frame 4090 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 00:24:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82132
Connection
keep-alive
Content-Length
10463
Expires
Fri, 06 Oct 2023 00:25:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C66C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw71SvY2jNxg5Um1oyUxXoi7Sia2qlnV47ZLjiVZgJsPvQnx-LiF8QygbIln0X1c-6ztiS14RNdYV_r7xUzwgHow-oG9zij98cSf9N76UEOZBm2yKxkeuY4EaexJT2&sig=Cg0ArKJSzMfrGN4geoMyEAE&id=lidar2&mcvt=1287&p=60,295,310,595&mtos=1287,1287,1287,1287,1287&tos=1287,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696469804759&rpt=1828&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 60D7 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
player-sprite.svg
a.teads.tv/media/format/v3/assets/default/ Frame B630 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 14:33:57 GMT
x-amz-request-id
ZAF1TX29E62VHY19
x-akamai-ew-subworker
8096267
etag
"6a80cb691946e09ba579b0f8456aae28"
vary
Accept-Encoding
content-type
image/svg+xml
x-datastream-cache-status
1
cache-control
private, must-revalidate, max-age=16070400
x-bucket
5
accept-ranges
bytes
content-length
3379
x-amz-id-2
PnGPTjCXFUvjFJPXrGv6MwhgDD4Eqg4WkgJrtrB3aaRS5g0Mk5rooOoyyS1uHQE4xgOQgbmYAZg=
expires
Mon, 08 Apr 2024 01:36:47 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 60D7 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=impression&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805424&cid=1124771&pid=169092&data_costs=au%23ts%2310223%23USD%23isG-bd95x-i4tgKLPYH2zKzr&data_revenues=au%233120916%23USD%23fu2QycjQJlmC6ut6X9E9GLkA&fms=9&p=tsPggsCqn0vEV7f5nmBtZH0n2nyaVQBMp4yCGJFFmllI4ShavdRx2MRam2hU6c0u3TQ5t6ZACto83g8a8utsFwHA9VTW4PCsT10aPMKG2v9mD4ygai_0wawmfcOKpwoLSPkCTf8rjRL9XD41er0YcrQ3vwS4p254PqXsPUIE8utQJ-g2eY4ChBYLv_V0IGZZP_eTTatFwg2upbMib2N27J8mKEoWyntJD2yPQDnLy6175tnOycQRjcO6TfTDqGXNL4nyEBLOus8EfDeCDoo2bQ31ODVjb2KlWXFP4Z8ExtHmSYF-Osr2GBP2JAvKZN6xOiMFRRJ33WG38X9P7_-8QHL4POLvGxfPCAG49MgMg2kmog&cs=828634485362417974305&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
studio-t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studio-t.teads.tv/track?action=studio_impression&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&random=61706625&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=start&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&cph=0&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805428&cid=1124771&pid=169092&erevenue=K3mjeCLDBBKsofbLPnnB-EaZ&erevenue_curr=CHF&fms=9&p=h9FZtfYwvtqw7AF5mC0MzYCmm1Dwml92QxwDrbWbu5iysEjmLsBv7Yxt_j8RDhNokC74DeGrcQ3O0cfjUK6JHasYsx7d567zrL2mRk2KcotbCQz0blj4zGxmwG4Vui8DnmVB5QOK-al1kVHjPcD1YA3QfiE-rDnspb37dGljY_KL6Wp3KvyEFFaSdPLBmxplHRUGXN6wEwsJ8GCvQibgOvDjsOA87-TSU0kvLkkIfohZnEsZzNXBdXG_6p14JWaG3LS8MzduT2A5wiwJkquvviF0EBZv66GvzQjkcYbRiul6qazhieqCeWqRUdmkTn17MiqD8Hki0vSgOVjjrKgyO5lDniWh7GkUvZ-cpXWp9V7NyA&cs=-568123942561187648105&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame DB2D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CmiDvA1ugLoRP4TqCDif7gQ4gLsRbte9BGv1sxzP
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CmiDvA1ugLoRP4TqCDif7gQ4gLsRbte9BGv1sxzP
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CmiDvA1ugLoRP4TqCDif7gQ4gLsRbte9BGv1sxzP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame DB2D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3510831004177336434
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3510831004177336434
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3510831004177336434
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame DB2D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=863c468b-15ae-8058-bb4e-99a3e88e84ad
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6Y8RD9PVFKVBS6WBFFWY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame DB2D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=deea3af6-0904-3ba2-7b40-1b3480bd4f4d&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DB2D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjI4NWU5M2MtYzA3My02NTA2LTZlYTAtNDE4ZDRhNWY4MTJk
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DB2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHDsVLLckoMofqZu25o2PRY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHDsVLLckoMofqZu25o2PRY&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHDsVLLckoMofqZu25o2PRY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/ 		720 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 05 Oct 2023 01:36:48 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
activeview
pagead2.googlesyndication.com/pcs/ Frame 18F4 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvppkqTkjqp-1jUwqzQHiZ_Orbh327aWNANrvVqF38I6Yqt5kLQA2golG4iGjgkFoB0tFQ_lZXjps1Ejj6ivtsPVDFxhgvoYlndl-Yr0cYqr7apDvy0dnurGJp1stxnHD28RfY-p9K312XSbmzTHI3fNmJzMPJENfbf-s6c-bRZwLZRqUpnRV7gtCfieORI0cAlcRBhRte_Ir_cANJiaHGDWBTmf824imDoIEZxxfuHBBHtqbyhfAtwFY7Pc66Cy_HrT0GM2lzkZh0cNc-bDjRbuH9qx7apJwhLDEV2khdP56Gpc1YT8T74insJtmdmLoQ0IhM5ue4kRxxldP9GX3fWoY4A6dWOIj28YttDEoaKBC5NnslwVTQY64eQXhlonclfLjLl-ZtKLZCzkNAd5f3pYE-doRqUmq95XQgW4CnVEByHf9VHqnSTHaCatAwiD6USapWwHjneagURhYkKZmQj-DHM5JeRy3WW7MOzRsGaN2W-8iASHeoVwxQsfeHfAWwARzVRu9uUMrSnO3PX4CKNUvd15CB7eOfdoYMEP_7SxffA8jG6rPfaGrRP4vnXuZJzv2mGAFRKCCTa1UNuWn6vepDZ1WWTF5RjbbudssDmI-WnGokagJ3HjXjnUr4rvd5zLeQZdpYrHpancqtEPnRHzgFhh86Bz3acsbtJ2LGAje11Sct19W7Ldjel_ocGR4Lo52BnincAyAQ5rnD4aRdfv3qE_nH1i39BRvP3xzU2zuaIvkFueTMZFJFuBlYuONG2XjWd5LntePsRN2eoOZfG8CtklLya5a5pB9ZxVZMbbS2O4JdkynwTfCl5coqP07c8ftLKki1tp3arOGQic_noai3jD4xEAxB8Z6BS0iZhgtTgf9aJz3iBeirYRIs-P6ahejCDWD9tIjC7GFvfiHl1d3noXEHo0iZXr0MIkQZlmm5HNGSyNTsqR1GqOE0BhqtCYF1ykWjzsoVqhZNOEmYiAhUnfkDCdNAFeA6wAbpB-Xe1mqiWfMerZo1Zjojs1EvegB3SNHMY5jdGjw1E5UhQzLx2bQxF-vBQqkBap_f3NMPc2wBc_BBNBzVQI5AqgsYZR-EOO1bA6Ys2JjxgwZhIfGcN7tkuJzGZcxYHz4Zv6UD_s8z5gIO2ZegIbmeus2vWAyK0_3Qf5AmmnkvQSaYkpHFrU29g7bLysx-gbYXrSEPHbjiV9FdOy7L68k_vaTMBWYPfwzqveePN7hq-O1kYJgj1_ebSEh39qeFyAF7wMX3X704sYqZg16825Fa6q-Vu4vJd7PE8HJfhkdY07-4F59LrBS9XU-EJXP9G1X5WeHhd3EsnHl7r1_S3xt1_Q2KpoCUGXF4LeZ2dzLUEwvaqxwe3EMgTjuPCWYRDp0LZEM7nFl2CkiwZSv9AxGL8qEjbBCCzSngwS87EDacQFjWa85ECbxR-Mrce646733MKPIxnCeDwmIah7iSkfCaB6U8ndpDd7agOOOoR9_mqeK3c8sBXXYUiEb-bhrcPVWTRM06V1xmKtraXVUBaTpzTTpX_pOuWup0LD6Q1UNNJI1aVtY9zONzIsb2REmQgadbwzLc8FjG5QFn9YkUUMMlSUdBMDmQ4f2OUb-bHSO_KC2o&sai=AMfl-YTNPlTqPDozFh7ddLMWf0MVTnN6AqV617xFGKI3CCXGhXv9tygYPcnqeOFO-zzkCr6Omn_alKn3LJH3Dw3FNdYay5LY8z1lqBNddWCji4ivPSOSRajUA108KHwXqQkptur4ZhK8krIdQw&sig=Cg0ArKJSzLaKxxClp2bKEAE&cid=CAQSPADICaaNY_IGdid92FnmBBfTYt1kEWzEHqIY4YUbNar4_xRFeGCPqcJVXxRjktTQrUEcQ4LW0AUh1o9QJxgB&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1522&mtos=0,0,1522,1522,1522&tos=0,0,1522,0,0&tfs=1262&tls=2784&g=100&h=100&tt=2784&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696469808077&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=1083406078&tz=120&viewable=true&ddast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 05 Oct 2023 01:36:48 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1486
x-cache
MISS
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1696469808.089077,VS0,VE47
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame EA6F 		975 B
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2123
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNEv1Xtgo8qfCh7ohBLDTlKfKAjar4%2BOBVu7V6Q8GHIFDf%2BuoiLCAFSaozZun%2FzSdt%2B9ns9zElAKQOCb2jhnEpA%2B9zMU0B9n5oJLubJhAhQD1iawNLKp8lH4CVpS4%2BmZw4gNy2BZ8S1aKvz%2Fpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8111ef8ccccb2c26-FRA
13926
g2.gumgum.com/usync/ Frame 3B1B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
019b8c7cadd7f78124a960ba9cc838ba69b25d34ef0e472e60f4a867d0fc3725

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 05 Oct 2023 01:36:49 GMT
etag
W/"04d4a77f9c057cab60d1b3bd16dce6e78"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 351B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8C70 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.228 , France, ASN16276 (OVH, FR),
Reverse DNS
ip228.ip-217-182-178.eu
Software
/
Resource Hash
218a0bba5fdbf013660d772fb17871afb9cf0fdab17f9a24908c4cc436c86d76

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
951
content-type
text/html
date
Thu, 05 Oct 2023 01:36:48 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F407 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c8d952588a93ecd0d6e4d1827af0d23a9d17325eed814c571c42a7b5181a41

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8111ef91baa024c2-ZRH
content-encoding
br
content-type
text/html
date
Thu, 05 Oct 2023 01:36:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl9fclxObg1SfiAXd6Eot6HylDTh%2Bdn%2F6eLsb0sdieHQdtqPaODaxfZGcwEi7xS%2BQkIQ%2FrlaejMsGJ4ZPYrZHqC0BAHBI9s7Nz3Rxeb2%2FA9imeKruBhNi%2Fo0wZobtqqXC5fevGneu0FEgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A067
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 01:36:49 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Oct 2023 01:36:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0350 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168027
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
Sat, 07 Oct 2023 00:17:16 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame EAC0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
1cd9c4774e7dcc5ce58b6a0a17a964b3f60586c308242ee53dcf552e97a8cec5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Thu, 05 Oct 2023 01:36:49 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id
k_EFDjhEL0P7lLVp8gJOVICVQeqoKR4TGGQaFoYGvesI9lyNvNQZrg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 2818 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Thu, 05 Oct 2023 01:36:49 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame CE6E 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
75.101.242.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-242-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
90adb1a8b98f9f4ef679da8861adbc25ebc7588d5234a54aef4b12ac0cd3b570

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
713
content-type
text/html
date
Thu, 05 Oct 2023 01:36:49 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4930783210065455397
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4930783210065455397
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
an-x-request-uuid
8b4e24db-c37f-474d-9f6b-c99cc825be0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4930783210065455397
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HbsArRZHJK9Add47SEa8-pQi
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HbsArRZHJK9Add47SEa8-pQi
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HbsArRZHJK9Add47SEa8-pQi
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 62FC 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Oct 2023 01:36:49 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696469809019
  • https://ad.turn.com/r/cs?pid=45&rndcb=2069554328
  • https://sync.1rx.io/usersync/turn/4376977297601938432?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd1a22936ea834ee6beb968951a05efe9003
content-type
text/html
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588526728100321
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588526728100321
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588526728100321
Date
Thu, 05 Oct 2023 01:36:49 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=b620fc49-c1a3-4124-ac4f-0a86a8378871
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=b620fc49-c1a3-4124-ac4f-0a86a8378871
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-95
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=b620fc49-c1a3-4124-ac4f-0a86a8378871
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 05 Oct 2023 01:36:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
date
Thu, 05 Oct 2023 01:36:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNW...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS05ZmJmNWJjMS1iMzQ4LTM2NjUtYTgwZS1jYWYyNjEzODRmNjIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS05ZmJmNWJjMS1iMzQ4LTM2N...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-9fbf5bc1-b348-3665-a80e-caf261384f62
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
date
Thu, 05 Oct 2023 01:36:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 62FC 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
sync
ads.servenobid.com/ Frame 62FC
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 05 Oct 2023 01:36:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 05 Oct 2023 01:36:49 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5848 		2 KB
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5729623f3c72dc0c20850f5e08a58a22e697a7fba2b28ad87b0ca712c3b5d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8111ef91eadf24c2-ZRH
content-encoding
br
content-type
text/html
date
Thu, 05 Oct 2023 01:36:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T32zWw1GbD0dUXrpYmWfU36KoXxecrnxY84G5zZ9yxhg6SZRrhjV2T45VnagTG6yhPpfQpflaplU%2BJf79cvAhNiAqSOD5GIx6WO2%2FiJD6N%2BE0imFyzU%2FbXcPsO6WVXPyWBFruywBpmqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame AF0E 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:48 GMT
an-x-request-uuid
09eea03a-0f6d-4457-95c1-9aa6879b4044
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 9407 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ad_request
ads.aralego.com/ Frame EA6F 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.3811005092193196&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:49 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
0a6c31ad-e702-34a4-899e-2a9f3b737598
X-Adtype
html
Connection
close
Content-Length
661
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 3C4B 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
637658
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8111ef8ffce9921a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
generate_204
tpc.googlesyndication.com/ Frame C4C0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FYAbXA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3707 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a74681c0934ab435c04e7b0de3990d77f1da81d5ecf8aed4a4a2b93096c10b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12160
x-xss-protection
0
frontend
s8t.teads.tv/logs/studio/ Frame 9407 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
player-sprite.svg
a.teads.tv/media/format/v3/assets/default/ Frame 748B 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:48 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 14:33:57 GMT
x-amz-request-id
ZAF1TX29E62VHY19
x-akamai-ew-subworker
8096267
etag
"6a80cb691946e09ba579b0f8456aae28"
vary
Accept-Encoding
content-type
image/svg+xml
x-datastream-cache-status
1
cache-control
private, must-revalidate, max-age=16070400
x-bucket
5
accept-ranges
bytes
content-length
3379
x-amz-id-2
PnGPTjCXFUvjFJPXrGv6MwhgDD4Eqg4WkgJrtrB3aaRS5g0Mk5rooOoyyS1uHQE4xgOQgbmYAZg=
expires
Mon, 08 Apr 2024 01:36:48 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 9407 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1255
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=impression&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805489&cid=1124771&pid=169092&data_costs=au%23ts%2310223%23USD%23YD-YImxLooZhSZm_4PJ_O3Az&data_revenues=au%233120916%23USD%234_zeJQ-LhGmuP002qJc-89_n&fms=9&p=8cogNumE2gtixUtwWsVwhAU_5dFWFkQ1w-hekH_OmPUhdluMxIQNPdAQcQsNW21RstsiBK8aLMSJFG_BoGV1AtqVOROmCnhMsmYeR9ZDr2Hvy2mUcYKQF5L1M74YzG-NZ8iHChT4z1oB19JkywJubWnh7vvVusJvalE74fViKJ4X_4pURhVU5YBRQuztenygScN74UrFal9QYKrfTdn7d2bGnDCqZFI6uS_zYZPziDa2PZuCxdFecWi0t5npj4PMvB5XH2ag1ybrgxdy489l-O6pJIdJFp4aqD8qaOoDnipSV2J1icqPNYuEjI2VjBzpoQIprbcZPscfyygvYOLFby1vx6JOHuRInkTSzdpKIooEFA&cs=-423740912903559133905&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
studio-t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studio-t.teads.tv/track?action=studio_impression&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&random=81641903&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=start&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&cph=0&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805491&cid=1124771&pid=169092&erevenue=kwMv_RBMAf1y5sBvB_Kn9VGE&erevenue_curr=CHF&fms=9&p=iuine4NT4r5Bt_9Yloz5yoT2xU1J27eWe3bFPVsq5iYmONISgBSlwjkBVCQhctZVQcq3txSDq8sInfTZcCeG0eKg9GSzKPO2cGnOkfpeT-srgQ6XUd0QfrZtYKmJ8K2r0dJit55HJwivDYaWPTO7Qg2nNTF_bIr-YGg0yDwEySeBMEAtvXFEVr2QbAFSvuvcKp8336JsxVrMak8K45m8VCa25yd4JRtSFgWQAjRTz3M1Y_nTCrZOysqRatEKZRZGw5e5n4x1qmMIMELhjheiEVaCQGE1emIts7ccZ8kteZY_ZSY4CJhTZOMWNQe0zHBvhv6T62rXPvtbxO-Z7Da5Pdr7nP-z9Y171DLIwBnG8sbYCQ&cs=31980638594641956105&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
video.high.mp4
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 60D7 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/video.high.mp4?1bce3b376a8379593c68d20030ca704c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
614743e498d93cb511832a9a094873efb529fb5d73ab0fb18eb62683b3497bf9

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=425984-

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
x-amz-request-id
D1TYSRT1C3FBVV1Y
x-amz-server-side-encryption
AES256
Content-Range
bytes 425984-1648781/1648782
Content-Length
1222798
x-amz-id-2
JCcI0U5pBdBLUTbR1lwKvq4/ANLixWLQXtzPKJ4lHMbPzCYGDqxLGrLjTMYuwehOQp/QaFmVPIA=
last-modified
Tue, 19 Sep 2023 12:24:08 GMT
server
AmazonS3
etag
"efeca5fc91761272ff97f20cae9653db"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:29 GMT
dcm
s.amazon-adsystem.com/ Frame F407 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J8VBKJJD58C9AJGRBP8C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F407 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame F407
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDk0%2BqoAVG47UGnXmFlUI9XrZp7nO%2FlAbHAvgCRjm53VQqFu1Lw2jQt1Wd%2FtKwte8ltRQ5QVRXS4m0OmnRtVpLxPmRGu3Nwofx9FjIkzJiYlPQANAGB4tdZ%2FhaTzqRVF89IKBQBxHBAKVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef96a92424c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F407
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4930783210065455397
43 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4930783210065455397
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruNg5ZkB7EPFQzPB9%2BszPSAkaAN6m%2FzSUF7xq8qzKMsMSoO7yYsDIyacS%2F45TYsK%2B4lvAnhThexoxKuXb1Jano2OsI37kcunTfX3jtzPmhK%2FVeMZJYdf4kdECQzuG8eXQkfHO34YAT9BIkCerj0iGXGF%2BD3Fww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef96a9e223df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
an-x-request-uuid
a266a5ec-bbea-46ac-b3e2-0859480a60a2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4930783210065455397
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame F407
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b396c45d0cc1419d8e4d59e6b7c79f15
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4376977297601938432
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b396c45d-0cc1-419d-8e4d-59e6b7c79f15
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7111c108-b99e-43ea-85ee-d8e78a48b604%3A1696469811.6869104&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7111c108-b99e-43ea-85ee-d8e78a4...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588526728100321&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7111c108-b99e-43ea-85...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7111c108-b99e-43ea-85ee-d8e78a48b604%3A1696469811.6869104&_=1696469811.6889572
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc3MTExYzEwOC1iOTllLTQzZWEtODVlZS1kOGU3OGE0OGI2MDQ6MTY5NjQ2OTgxMS42ODY5MTA0EAAaDQi0pvioBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC67YP5I179Fxh3T7WZyzbM&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC67YP5I179Fxh3T7WZyzbM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC67YP5I179Fxh3T7WZyzbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame F407 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame F407
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5d2ffc1d5e191e&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHuRxlR7zSCAMDlX85AAAAAAA&expiration=1696556209&is_secure=true
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHuRxlR7zSCAMDlX85AAAAAAA&expiration=1696556209&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETFbn%2FJd8NacfmIyuntp6RHaNB1lGI9R8jadZO2J4Ydl3Drfx0M2b1uFG6WNgKaziMNVlZSRnVQcf3THVTUhjpePYB6m5ZojSD6psBJWxVFtVCdU1gg0jaOjORz4hCxPacW7akgD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef984afa24c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHuRxlR7zSCAMDlX85AAAAAAA&expiration=1696556209&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame F407
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7691908098323334144
43 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7691908098323334144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftzu7SQFXP38qbPRecT9gKHhFQreZoaAwdBqnRJj8CYGn3RMfKxnIwLdaGYnHfUsdT0mTAvySuMW6mZT6iug%2Fn1SupLY5GojowCKQq9ts%2BdchSFbFJETlXKiPn%2FZNVbWAIgLnItGwM7%2BcMZMJA3YCZGPUQIc6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef96fa0b23df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7691908098323334144
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ads.servenobid.com/ Frame F407 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5848 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:66f9:a65a:1e1c:e51e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5848
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:66f9:a65a:1e1c:e51e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 5848 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1696469809497070-417
Expires
Thu, 05 Oct 2023 01:36:49 GMT
crum
dsum-sec.casalemedia.com/ Frame 5848
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEi_07KPCYAABjTPVueOA&expiration=1697679409
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEi_07KPCYAABjTPVueOA&expiration=1697679409
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8%2FAbBc7NCV%2BTuVIPSqRfJkTjRrF5GNaymfmbz6%2BM8lQu%2F2xdJ%2FmplDn%2BT7BHii9SoHmRGBlVkJrTdmjHcyuNhaeyt9IZTruS8Jc1mgpBu%2FWSOn9ixxx3REN%2Bso4Z%2FFceDikxleoC8hfJ2ijrtVGjZUZLG7BKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef983adf23df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEi_07KPCYAABjTPVueOA&expiration=1697679409
Date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame 5848 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RAWY0FGKPYMA3NKTRC88
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5848
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9a51f9863f05423fb39e71b2317e9bee&expiration=1699061809
43 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9a51f9863f05423fb39e71b2317e9bee&expiration=1699061809
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwYHOd2ziGWV1yBR%2FAk%2FfJDZjctcL51jd1LJ%2FhvUa4FcY%2F8%2Bu7r%2BHjPxjeG0or9eCtSgD36wHD9%2B07isYnjlryBDTW1XgUG8uJolT2RH4%2BOqULPd7Am1cuMqvagUyuTCcSteyYK53gJaAAliAL37Bf5YxNSaeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef96fa0923df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9a51f9863f05423fb39e71b2317e9bee&expiration=1699061809
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5848
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=40ba6149-2144-4dd8-9659-f5bcf4b09826&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=40ba6149-2144-4dd8-9659-f5bcf4b09826&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k4qYNhRV15JfNkYo5GFls0QrPeKkxB%2BhOBXIe7IWgKbciShfz6x7nTOY%2BiPAJvhpGLoiwdubpQaEUfjkXK8X6vwgmfyODzTkG1%2FVbFuooHPGcok5gx5rhG41yfy2y0wMarDbZBhYeMBBxYcGEP00HL0%2B5VCQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef974a3223df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=40ba6149-2144-4dd8-9659-f5bcf4b09826&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 05 Oct 2023 01:36:49 GMT
server
_
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 5848
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjHKC%2FzYRlsEMKW0Y%2BoS%2FZpA7ziwvlr4SyCm0v2mpmgVu8xjR%2Fkr8oMD6yUf%2FyC8kbmsVxqTM6%2FVHNbqgAcHTP5lnTNGWEpQ3y%2FbVhqC0NErQUPhsaSopHNPSCVtldhfLKONZYUwWzvxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111ef96a92624c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGCXmSjt8pUqkrTAO7p8XFs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5848 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZR4TLD8J.Rbq8oGvwfm8gwAA%263234
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
3558
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111ef95da6623af-ZRH
content-length
43
expires
Fri, 06 Oct 2023 01:36:49 GMT
usync.js
eus.rubiconproject.com/ Frame A067 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 00:24:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82130
Connection
keep-alive
Content-Length
10463
Expires
Fri, 06 Oct 2023 00:25:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3707 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:36:49 GMT
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4930783210065455397
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4930783210065455397
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
an-x-request-uuid
bf2d96b5-bd13-4e47-b059-dae27e2de51e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4930783210065455397
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c9fe4365-7f12-45d5-ab24-9a4851336768&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=47386a96-cf22-41d2-b0e2-9458f41308dc&ssp=gumgum2&expires=30&user_group=5&bsw_param=bac187e5-310c-4a69-8234-373032cc077a
  • https://usersync.gumgum.com/usersync?b=bsw&i=bac187e5-310c-4a69-8234-373032cc077a&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=bac187e5-310c-4a69-8234-373032cc077a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=bac187e5-310c-4a69-8234-373032cc077a&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame 3B1B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Jyv0iL7NCXP-aAbSMLCb6XFLIQ8hFXZhJQP4CJNQMBguzw6esNqV4qC-sDDT_xpo%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&obuid=ENC(Jyv0iL7NCXP-aAbSMLCb6XFLIQ8hFXZhJQP4CJNQMBguzw6esNqV4qC-sDDT_xpo...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:51 GMT
Cache-Control
no-cache
X-TraceId
b0ceade014cf3fbd47c8faed5b4cb8c2
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Thu, 05 Oct 2023 01:36:50 GMT
X-TraceId
677625f10d8aa606ac246428e8cf5f7a
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=29d79e86-2111-03f4-1c3b-0bd948ed4e0b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=29d79e86-2111-03f4-1c3b-0bd948ed4e0b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=29d79e86-2111-03f4-1c3b-0bd948ed4e0b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8175dfd8-597c-5ea2-4123-d74034804d30$ip$195.206.105.132
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-8175dfd8-597c-5ea2-4123-d74034804d30$ip$195.206.105.132
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-8175dfd8-597c-5ea2-4123-d74034804d30$ip$195.206.105.132
Date
Thu, 05 Oct 2023 01:36:49 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jglVPyVE2pcULbGNYewgawY0uypfVvYOJ0DC~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-jglVPyVE2pcULbGNYewgawY0uypfVvYOJ0DC~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 05 Oct 2023 01:36:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-jglVPyVE2pcULbGNYewgawY0uypfVvYOJ0DC~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1c4cda93-bcf8-4089-bffa-fbb152e12560
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1c4cda93-bcf8-4089-bffa-fbb152e12560
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1c4cda93-bcf8-4089-bffa-fbb152e12560
Date
Thu, 05 Oct 2023 01:36:49 GMT
Connection
keep-alive
X-CI-RTID
62aeca03-abe2-4b3b-ab38-4ab64e2726df
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 3B1B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=hE1YiFaumuLT5SiXSquQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22CFGFMWSRTBOVWXKTCUGVJWSWCTOF2VC...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hE1YiFaumuLT5SiXSquQ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hE1YiFaumuLT5SiXSquQ&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=hE1YiFaumuLT5SiXSquQ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e13471e4-f332-4795-8520-2b18f81aa252
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e13471e4-f332-4795-8520-2b18f81aa252
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e13471e4-f332-4795-8520-2b18f81aa252
access-control-allow-origin
*
date
Thu, 05 Oct 2023 01:36:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=FFtPw5RPtO8r&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=FFtPw5RPtO8r&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=FFtPw5RPtO8r&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b6f574bf6-86vmn
expires
-1
usersync
usersync.gumgum.com/ Frame 3B1B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3502985708059721799
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3502985708059721799
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3502985708059721799
date
Thu, 05 Oct 2023 01:36:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3B1B 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_c9fe4365-7f12-45d5-ab24-9a4851336768
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BD49 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbeae705d4be5e0be558f5eb697b86bddad0ae4ca1f5aa5941c82fcb764f0b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29413
x-xss-protection
0
server
cafe
etag
544 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:49 GMT
video.high.mp4
s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/ Frame 9407 		1002 KB
1003 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-1fb1bc80-56e7-11ee-a34a-f15bea477743/video.high.mp4?1bce3b376a8379593c68d20030ca704c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
710ccb5a041f38a2c181412d864edcdd8e46ce797d2365984bd4589e0f781ac4

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=622592-

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
x-amz-request-id
D1TYSRT1C3FBVV1Y
x-amz-server-side-encryption
AES256
Content-Range
bytes 622592-1648781/1648782
Content-Length
1026190
x-amz-id-2
JCcI0U5pBdBLUTbR1lwKvq4/ANLixWLQXtzPKJ4lHMbPzCYGDqxLGrLjTMYuwehOQp/QaFmVPIA=
last-modified
Tue, 19 Sep 2023 12:24:08 GMT
server
AmazonS3
etag
"efeca5fc91761272ff97f20cae9653db"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 04 Oct 2024 02:43:29 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 787C 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1148183669075701&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTeudBVNd4Gg_129X3DxgEw%3A1696473403%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=B1E45CD1-8810-40F5-B5AF-5A511C38BCC5&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=1696469809384&cookie=ID%3Dbe52cc7a3cf7e403-221a94f07fe4004f%3AT%3D1696469802%3ART%3D1696469804%3AS%3DALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ&gpic=UID%3D00000c8e1ae89344%3AT%3D1696469802%3ART%3D1696469802%3AS%3DALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ&scor=1494196159469967&ged=ve4_td8_tt3_pd8_la8000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 14F8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=3510831004177336434&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=3510831004177336434&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=3510831004177336434&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 7CAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
  • https://usersync.gumgum.com/usersync?b=atm&i=ZR4TMQAAA1yYQwA4&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZR4TMQAAA1yYQwA4&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZR4TMQAAA1yYQwA4&gdpr=0&gdpr_consent=&_test=ZR4TMQAAA1yYQwA4
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230068-FRA
x-timer
S1696469810.325870,VS0,VE0
async_usersync
ib.adnxs.com/ Frame AF0E 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
an-x-request-uuid
e3f697aa-8fd0-4a92-8322-79c554ee51e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame EAC0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=47b3d8f2-7696-04f6-03d8-02c3c0bec5a8
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=47b3d8f2-7696-04f6-03d8-02c3c0bec5a8
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
2ypNhZU0JjYk5AmXf4pu-RS86Tiby_41Vp1tPnTqErzMGfuwuFAREg==

Redirect headers

date
Thu, 05 Oct 2023 01:36:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=47b3d8f2-7696-04f6-03d8-02c3c0bec5a8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
ap.lijit.com/ Frame EAC0 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Oct 2023 01:36:49 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame EAC0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
urvao6MEuWj_VBbFWB8QAfGFn_qbUSCxzUmR3aT2x2HST8aQgmOZLg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame EAC0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
RFeVSPEln1ASzTLwh7cuqX3mTs1jT1LszkvhXPhOMBj6KOUPnMdxFw==

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7DXcjVnwNa4tZ90jLo%2Fzyeq9WIkCgZrRcIZU7ALqYtqViZZAUOOdAfkcIMl6UY4B27V5zegSqXvte7baG5L41VH8Wj1JpBLFhm%2BQWulDf6RvcRkaQ3vktNHps2JsnT0oa22HVNBrhiB5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234
cache-control
no-cache
cf-ray
8111ef96388424c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame EAC0
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3588385148432503341868
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3588385148432503341868
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
nuQiyLE3fwrwMD8crhF5OcAdzyvpIpRLgtWiBNHyrvMAjord336bUg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3588385148432503341868
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame EAC0
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fd4b58a756251777045817d32d79c87d
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fd4b58a756251777045817d32d79c87d
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
IXHimEdIDOq5tcH3nXCwoeMxDXX4ezHbWm3S5Lb5CtHGjWQRYSC2SA==

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fd4b58a756251777045817d32d79c87d
x-kong-upstream-latency
4
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame EAC0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
an-x-request-uuid
8d88e700-7178-4d7e-9003-7d34bdf42182
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame EAC0 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=PkamhpD-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0350 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84713178&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
051c59950af6c7aa2eb3263aad7c2dfaacc24fec20bb40a8ac7c838e498785f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 3D0D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jOWZlNDM2NS03ZjEyLTQ1ZDUtYWIyNC05YTQ4NTEzMzY3Njg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E3E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168027
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
Sat, 07 Oct 2023 00:17:16 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 543D 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:49 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 9136
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZR4TMsCo5s4AAMPrLfwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZR4TMsCo5s4AAMPrLfwAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Oct 2023 01:36:50 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZR4TMsCo5s4AAMPrLfwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad303.dc4p.scaleout.jp
X-SO-IP
195.206.105.132
X-SO-Key
ZR4TMsCo5s4AAMPrLfwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.132","key":"ZR4TMsCo5s4AAMPrLfwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad303"}
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad303
khaos.json
token.rubiconproject.com/ Frame A067 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 4F67 		0
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef968815921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:49 GMT
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7B3E
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_c9fe4365-7f12-45d5-ab24-9a4851336768&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=1f69e953-50fd-46b4-b363-4fcfaf713522
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=1f69e953-50fd-46b4-b363-4fcfaf713522
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Oct 2023 01:36:51 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=1f69e953-50fd-46b4-b363-4fcfaf713522
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 2CE6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=jzN6RAo0Hm0y9iaLVG5A&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=jzN6RAo0Hm0y9iaLVG5A&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 05 Oct 2023 01:36:49 GMT Thu, 05 Oct 2023 01:36:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=jzN6RAo0Hm0y9iaLVG5A&pi=gumgum&tc=1
pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A62 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_RDaLBMeZY7_LJW7x_APqLiISAAAAAA4AeAEAg&bg=!PzylPHPNAAYMG8UMLBs7ADQBe5WfOFwFu9fKv1cbulRz_ssWt8EHh8AySgdKvBKOrsTkFDI44T7WIUwf7omBcPs9L4dTAgAACpRSAAABjWgBB5kDSwpqOVyhHX1O-bFP7xqehwLPQvoBwULrByCwr2huLWKqRVQu_3mCpAadWHi2DcmNsyZajyyBTzUQAHWy27j_A-fF4bolc1lKa19d4EeDJImNF7zeMgSd0phDARQ1FLY9PCSSJcomGbRC1Ipxb2ZBgvRSI5igIyyHuI0AeKGLURx4AmG_v_VtQ-Bq2dDtMVOeO431RpPGl5f0u4zBI34h5nWzneUDflgauGlDFAgCE4f2IHXj6Ez9vQ6XgjbBiVuOdCKg-9u2nOA5I4y_i6FjKYCUptqKQYdyfmP1pDYXCCiwu6HP8GJKQu7aQmLO3K0C7kxuSfJOKDn-5HektIpSc_yzj3HZ7VS0lV7knW3gIKvT4DrKmoB1hMgZSMINFvve2n1adN3t1g_BE9elZZE088zuhqdE4VCNiMT2RPdvPDTvl5AJzCwxP0mSSAF1euGd9PROMf7RWRUvAvxIk4Frm213QxxR6PaZZHceTsw5Po26-cpG5hrGsJGeNBUDScLOd-hpjbzeWB3MaAsTROZ0AS80ab5vL7qGexLbWi9b8tGAipdGfKv39ZaXaVwpx0qEVwPOvTbPNfqaa9m4Wtqg_CuUeL_Zatn4ws_JY6aV0VobyXdEM3yjoCOmM9Fwj4nBxV6uo9CND6cFDFOZDqCCjJHIyj3HOFG1OxAlRz1fMHtNe2U349-eCpPkmaXmgCh2Z9drdmvOWCTErK0kC5fYCAI5Y4kRJ2ZkMNgqXhFyy5qNUccXBDtXVXGWQ4dXBHcBQZT4v02GtUtfbpCrvPco3PthBECqwObLY8Viku2BNlUvKuzjuG37VEunVWhUNpzOAg7TA_BDW3on5-XmXnnMEAjuvxlT4jx6vhNTf62jo3yarwKVIYN1bOqTqbOQ7AoAulu_mg9-CTCXbf9Np-kGQXOLqcgPQ3iPjMeHl9KP8hp9ybc3wiDfACF4n9Zxj4AILKZIW2VNSh2YolOw0O9zk0qPmLqGABe99RyrRZDiwTbxSvY5nxxtT0IfUkOh5-8JjAuZXOkrvg8-x3wTBwFujhAZAZTM6Kq4gvwMssp9s_T3Dn9xhQ9HEebSI4G0POE8q7grVnplVBlg5uf1E4cneoxZD5LAo-GN6oId-Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 7F5C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 817D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 01:36:49 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Oct 2023 01:36:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C01 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
33099
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9C54 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e12fdd144004905cb0357ae3812aa1a9506cbba47a20589bb4453ff1870fafc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j4Dy07KsYXOwMepb29uvzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-j4Dy07KsYXOwMepb29uvzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
Thu, 05 Oct 2023 01:36:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
v1
match.sharethrough.com/universal/ Frame CE6E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
cs
cs-server-s2s.yellowblue.io/ Frame CE6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4930783210065455397&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4930783210065455397&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
75.101.242.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-242-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
an-x-request-uuid
c1973267-8722-40d1-ab1a-f4dfe34f5b61
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4930783210065455397&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame CE6E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=8b8333fa33b7c52376e89630e5b756&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=8b8333fa33b7c52376e89630e5b756&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.208.171.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-171-144.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=8b8333fa33b7c52376e89630e5b756&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696469809699055-503
Expires
Thu, 05 Oct 2023 01:36:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CE6E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
an-x-request-uuid
e5b4f9cf-a97a-4299-9c5e-9d725e266455
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4930783210065455397
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame CE6E 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=U3zmhpD-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame A067
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNCIBI58-6-6WQ8
  • https://ads.servenobid.com/sync?pid=323&uid=LNCIBI58-6-6WQ8
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LNCIBI58-6-6WQ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
pixel
ap.lijit.com/ Frame C39C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 05 Oct 2023 01:36:49 GMT
X-Sovrn-Pod
ad_ap5ams1
csi
csi.gstatic.com/ Frame 787C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnciblx0&c=7029444888328&slotId=3514722444164&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CD38
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:50 GMT
server
Kestrel

Redirect headers

content-type
text/plain;charset=UTF-8
date
Thu, 05 Oct 2023 01:36:37 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame BD49 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
36294
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 15:31:55 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0B95
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8785372573
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8785372573
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:49 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Oct 2023 01:36:49 GMT
etag
RXd1a22936ea834ee6beb968951a05efe9003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8785372573
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
csi
csi.gstatic.com/ Frame 787C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lncibmwk&c=7029444888328&slotId=3514722444164&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793966%2C44797965%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 817D 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 00:24:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82130
Connection
keep-alive
Content-Length
10463
Expires
Fri, 06 Oct 2023 00:25:39 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 6C1A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-216224078621457814
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
0
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef9cdbb5921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
sodar
pagead2.googlesyndication.com/pagead/ Frame 876F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=1768259464940280&bg=!QkGlQQ7NAAbjlzx0w5c7ADQBe5WfONnBfmQiforV48-KWzflC0YiCi0yvDHDa5wJSVWF5pKgRR34ypZPzW7z2BiFV6x3AgAACW1SAAAADGgBB5kC0LBl41BnZFqbTKPHQbDqrvzFG2H48MD4WQwzJFAkcY_ugFgGicmJbxoJw7dTsWksENWEF4Ooxkr7lmEiNleXqS52t5N4AE3NKY4biS7y8KOT7aYbyAHCVR-UELnBOAq8zeQAcKl2l4Mk7TOfegisrCeKpb_Bm9oyif9uACGceG9cX10nqi7njZ9Gy9zR7k_2mPmoC0QveT1ZwaKlqMj4JH2pXaFDj6n6lKf9b2AGH3cA4yKmU0wHricZm1mCOD1sSXaKxqBvMr0uiYRTODtEtK7seH8ranKdDKn0eQogEXbvocFnl1tX66tnmwnU_8j1IfCDA2xQ62VTyCleF0HmNChPL9l5UW_zAE-9MAQ_lQPpkQF0pAwSSIH-SaZ6Wwa2B-qzlZyAGSBIN3UVaS-bU_poeQnrp_UNsOZ99k8VyYOLLsgyl_6yz1WvWE0CAvjX3pGXl1vOGwfKJcQv-R76fvaaH-rUVPS3DpoxXD54DAQ8pYxM-RZdcgR4bWIgLRaJgqPY36RGJX93LXG0JsaIPiFfuem8Yv4k-RMympniOv5_h52L86Z1ruoq5Fnn2-3sylMQDUcTrz8f1jnWoVgcdTDPOnYogI-K116rBGtQl43JCkFha_Z84QPJF61ZulfYMkW0N0cE0MThs6Ktfv7LpFUViTytKt1isxGJ3w9UE1y8pUEsQTmLHKI-ckjhjqiOAre0S-x1cfzvDp6zdqAHP_4iIKLyPHejvOz9ZrTHU6PQO0cFDX7NyAefDOvh2HcrlmzmqvriZ12ZLoleLRiZ9yLwsRdhVypR-ksQJDRqWUnNOHXQqiAI7hWNI2s_Ghx_oi8XSuwJ495DRD8Roh4xl9SCyOMVnVw9UuTeILhti_3Nbdyg-RwUeh3peTjsNioFEuE7T2iuCT2gWjSszHHqnXgtvrl9B82DH6UsRTForqXDRfJLvokOELEyff3xGqH7wA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 699D
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
0
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef9d6be7921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/520713edb940128271b8415fdb60546899d69ca507e2c16d6a8865d8a0a60040
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sync
ads.servenobid.com/ Frame 8C70 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6824545069247987902&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 8C70 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 8C70
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6824545069247987902&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6824545069247987902&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4S041K4HQ8K490Q2R6EH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6824545069247987902&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 8C70
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4930783210065455397&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4930783210065455397&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
an-x-request-uuid
a686ebe4-3868-4603-9caf-6bdce2bc6145
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4930783210065455397&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.132; 195.206.105.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8C70
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fd4b58a756251777045817d32d79c87d&gdpr=0&gdpr_consent=0
43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fd4b58a756251777045817d32d79c87d&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fd4b58a756251777045817d32d79c87d&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
6
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2D27
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4E9F 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K4R29TS2NGG3NYFPCV3H
ImgSync
image8.pubmatic.com/AdServer/ Frame D1EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4930783210065455397&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cs
cs-rtb.minutemedia-prebid.com/ Frame EEC7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Oct 2023 01:36:50 GMT
server
istio-envoy
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id
HEWkxvf07uRyYLDKoF7RlRdcPjnoev3VqANdFeNQ2QztKYcUnZNScQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:48 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 36B8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286282352608606349&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0748
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_78a6957e-0cff-4a44-9ae5-e598e99ceb3f&bsw_param=bac187e5-310c-4a69-8234-373032cc077a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 05 Oct 2023 01:36:50 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac187e5-310c-4a69-8234-373032cc077a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
ImgSync
image8.pubmatic.com/AdServer/ Frame 04F4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 82F1 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230068-FRA
x-timer
S1696469810.369859,VS0,VE99
Pug
simage2.pubmatic.com/AdServer/ Frame 53A5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame C5D1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaV8wN0tQQ1lBQUJqVFBWdWVPQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEi_07KPCYAABjTPVueOA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEi_07KPCYAABjTPVueOA&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEi_07KPCYAABjTPVueOA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6824545069247987902&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi_07KPCYAABjTPVueOA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 5FC1
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU57b3d93681b349868f2d1466565d6283
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU57b3d93681b349868f2d1466565d6283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU57b3d93681b349868f2d1466565d6283
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame 479F 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:50 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
cs
cs-rtb.minutemedia-prebid.com/ Frame 34C1
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526728100321
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Oct 2023 01:36:50 GMT
server
istio-envoy
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id
n_oTIxBNyT7lQI0E5TFNanauRjqDLPGE_caSa-CUdHjDnx96H9mu_A==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 3F6E 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 3184
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8340022359660435394
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Oct 2023 01:36:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Oct 2023 01:36:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 1430 		0
0
cookiesync
core.iprom.net/ Frame DE72 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:50 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-18db5c3e5646@version_1.572
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame B4FE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8111ef9cfe6123df-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8111ef9bcd9d23df-ZRH
content-type
text/html
date
Thu, 05 Oct 2023 01:36:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1827
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5711 		0
0
sync
ads.servenobid.com/ Frame D674 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Oct 2023 01:36:50 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0350
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T96xjFjgSqqE0GIThltI7Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168026
accept-ranges
bytes
content-length
5606
expires
Sat, 07 Oct 2023 00:17:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 0350
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.19
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.9.121
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 0350
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=193833061
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=193833061
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
via
1.1 google
last-modified
Thu, 05 Oct 2023 01:36:50 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
via
1.1 google
last-modified
Thu, 05 Oct 2023 01:36:50 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=193833061
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 0350
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTZlcnd0dTVXRVhURmFIaGs0b0lnU3AxZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3510831004177336434&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.236.109.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-109-207.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:36:51 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 05 Oct 2023 01:36:51 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEZERUIxOEMtNThFMC00QUFBLTg0RDAtNjIxMzg2NUI0OEVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGP1zaxSnBtKXxWE7AtVI08&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame 0350 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 04 Oct 2023 01:36:50 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3510831004177336434
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 0350 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RsFr7.pE2uV8ktuZrbQE1wiSgR08_kw-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RsFr7.pE2uV8ktuZrbQE1wiSgR08_kw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RsFr7.pE2uV8ktuZrbQE1wiSgR08_kw-~A&gdpr=0
date
Thu, 05 Oct 2023 01:36:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4FDEB18C-58E0-4AAA-84D0-6213865B48ED
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0350 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4FDEB18C-58E0-4AAA-84D0-6213865B48ED?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:66f9:a65a:1e1c:e51e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3db917ee4b5c1937&is_secure=true&networkId=17100&version=1&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI9U1sk9P0LwNJzh6XAAAAAAA&expiration=1696556210&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&...
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI9U1sk9P0LwNJzh6XAAAAAAA&expiration=1696556210&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI9U1sk9P0LwNJzh6XAAAAAAA&expiration=1696556210&nuid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4376977297601938432&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0350
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:78410c84-3107-4d4d-9a08-bb01f39f3460&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:78410c84-3107-4d4d-9a08-bb01f39f3460&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:78410c84-3107-4d4d-9a08-bb01f39f3460&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 05 Oct 2023 01:36:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
3510831004177336434
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 5885
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3510831004177336434
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3510831004177336434
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef9cdbb3921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 05 Oct 2023 01:36:50 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3510831004177336434
server
nginx
8b8333fa33b7c52376e89630e5b756
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E89B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/8b8333fa33b7c52376e89630e5b756?gdpr_consent=&gdpr=0
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8b8333fa33b7c52376e89630e5b756?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef9bcb0f921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
Thu, 05 Oct 2023 01:36:50 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8b8333fa33b7c52376e89630e5b756?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696469810193064-395
v1
match.sharethrough.com/universal/ Frame 530F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
khaos.json
token.rubiconproject.com/ Frame 817D 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNCIBI58-6-6WQ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame C87D
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
0
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8111ef9dec1a921a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 01:36:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Oct 2023 01:36:50 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/1085aac3c7d221d61f9901e5f550a83d1c3103577a6a162e7637eb8e73bda0d3
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=3123594954541455&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TeudBVNd4Gg_129X3DxgEw:1696473403/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=557056-

Response headers

Date
Thu, 05 Oct 2023 01:36:50 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 557056-16890123/16890124
Connection
keep-alive
Content-Length
16333068
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=VCRaJep1MSXuk1PlT8XYXoRy0MD23U6cwH82V_ZdG94VH5e0u-JDxrBNeujJ3-dOidIJXj01TvVXWDPNZ9wppEzrballReeYxV5p06ti5BKtedDYolRPtZrOBrdY9t1AWqxK3dOzw3aigdm_tGOjBfY-rfHgz5y98B9Pow8kZEF8kVWTNPXheUyF3N2RyM6WDviNkhoPN9Q4OSlmWguUpMoudYyMcR0zw8SWHiuooLvdaaBQ4zF_QVHizqD2h6sxogrZ26GtjMtQ1Kh9B2FYxqgABVRmP6n8ifob1Y24-kuw__f09jaIVeClsfXZWSaMYGnsA_-T9aoRfMEfuJYJ8yBJJiPV0USgA0EgDV6U2Q7NUQ&cs=424982049975135508705&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-1&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805425&cid=1124771&pid=169092&p=6Nd9ICPo7hNivxUaRXkRE9QBkwmKSRqXOSZQvNug6esf-_zzIPFYWe2S4JpaWr6GrXpbAB8NEGKEGETfYAJASVfYRZa-7889Klv-T3QAxaOanvPS55RKUsuvxU2GD2klaD7oOV40Hf0v6ARRYCavxkWK1P_PZoIaqetw8cgMY7Q8RnwswR9zp-kcPEr8fZ0swHTCfBSRK9QTVMtcWXiwWtBFRtuqQ5qeTcKtf7tUqrHBAPksEpmJ59fwCsptW-pSv0TzI9ZYl5k9r3ibdcEeSi5YmCD0V3mO7qtnkQUhstlnsQ_TgtLgJGAHibAA8F25HyF2CrD-l2o8HsllmviXv9peUx7SAIjKrVpThvKfES1-ig&cs=695696169661790434205&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 817D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNCIBI58-6-6WQ8
  • https://usersync.gumgum.com/usersync?b=mag&i=LNCIBI58-6-6WQ8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LNCIBI58-6-6WQ8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Oct 2023 01:36:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LNCIBI58-6-6WQ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BD49 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1049976395199165&correlator=331330404560847&eid=31077098%2C44769661&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1696469810634&lmt=1696462610&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=jdq153tigqei&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPAz1blCHrJTCk9JeOYLMKnOyusQGiRsCFlneJmTCA3EQXSB3h27eud2o7JLWReafiF2jd-tq99lbkImkUg9xNNKuwbs50Lz6QD8BX_6JpsBOfdUKjU2772Ru9Ar7v4xuWZR4n3rBtNHYY8TERiQpyly79C5JtEa8-4-QH8msSsTTcgmMeAmvDBh0IwXQ&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=2101675283.1696469811&ga_sid=1696469811&ga_hid=1674025973&ga_fc=false&dlt=1696469808121&idt=2211&adks=1911528252&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae29fc84acb9dd0fe8f5ec22caf261572882a73b0cf3188a3ec3e2facc09bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12092
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BD49 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a1651a232364d8c3a838791c3610f38c5a61579c90b1b421e9cafce58a68ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12154
x-xss-protection
0
container.html
961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4CA 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:50 GMT
expires
Fri, 04 Oct 2024 01:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 4C01 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
19930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BD49 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:36:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEw6RyH7hmVlnFwpoUEi0cIgTvHo02_5Q_d_C4svcHl6EywafdOKPJbTEVj4ylg8tmyrYGkz7egUx39QMsNGFcTjsVg65sHoL7Q3phN-GRz0o-8JqOWqbZLtzmXZf2WaMzIB9pWSVaJbscAYE5y_uJ6FzLIs52AAgDhv1In9D42f2suM_dJgT7xX5fDfHYK1O3ipJl5ZTOffK4dPmbTU-jiQJLyo9pWv14FKCqauYhWDYdU09iUTtbzBO3YkSa2v5-o0ZgiD3mPoU2YUn3JL1fFUM8TNFgOEot8Pe3U0EpM1Obmj5E4Lxdba0LNgee58Dq1HryC5EPAMLg&sai=AMfl-YQFwGhm-DUA_fRuMfPPIAPCUZ2afu92pveKj-3iVCqTVxr2SJRlKzT0uSe7lMw5xuNClMT7MxXj4f2Ys1tXS15d2t9Z65LZtW1W3A&sig=Cg0ArKJSzBGEabMFXOgMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 6D6D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:12:29 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:30 GMT
server
nginx/1.12.1 (Ubuntu)
age
1462
etag
W/"6499300e-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Fri, 06 Oct 2023 01:12:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D6D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:36:50 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a20&_p=760036858&cid=1774176298.1696469803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696469805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html&dt=%E8%A5%BF%E7%94%B2%E7%B6%9C%E5%90%88%EF%BC%9A%E7%9A%87%E9%A6%AC%E6%96%B0%E5%B9%B4%E9%A6%96%E6%88%B0%E5%A4%B1%E5%88%A9%C2%A0%E5%B7%B4%E8%96%A9%E5%AE%A2%E5%A0%B4%E4%B8%80%E7%90%83%E5%B0%8F%E5%8B%9D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
33100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FFC0 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ecedaa29df2007cc425ed5e55b68ee7e03e040c7f1865097b6b8bac819c8119
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CGWvsGRgCbFmjLJ9YS3YqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CGWvsGRgCbFmjLJ9YS3YqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:36:51 GMT
expires
Thu, 05 Oct 2023 01:36:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 6D6D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e257c4892b094c8a00d46acaf3897a8ed9476c3a400cf53f4057c71e1fe97e5e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame FFC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=1049976395199165&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 2C41 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
19931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=firstQuartile&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&cph=00:00:01.866&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805428&cid=1124771&pid=169092&p=nh0T9iLVnl5r6w7BFGxIFgGOVV4QWlfCf21U_W0gcMsHGWHH1ov6Ga-auyAvQlgje-yPtZkm8QSw8LY6eFY2zFJklW97pniG6DB6ChHFihmz8LFVEqc_Qf5CeBpGaF-B5dpO_tvETzjn46mlAC3A2bZqlPKdnac4r3pLSYzUBH3xRe20-UcqA9UbTg99lnA1wmQYISuyZlTGrxcU_-Ip8HkFNcseHyXtrcnu6VJcBObkp5zTIkmJbyXYHPYnYFNVRbw5Q2ktoJkUcaekhXNY6ta-wNj7SsGvBok1ADMy4Ad5yWKS4GVgvzplH91eLiG8s_mw9y4Hwg0l6InSCsm5USNC9HvgBimo9VkEgZMe_OxUqw&cs=339071862585529391105&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 4C01 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iPMoBQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696469811380&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1558&pt=1083406078&tz=120&viewable=true&ddast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:51 GMT
content-encoding
gzip
server
nginx
machineid
1491
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-2&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805425&cid=1124771&pid=169092&p=Qj5Ljf_3O7o91FFVJvC-TUXrm43e1i2_j4qiHhpu57IDjXyxmWeJUz8UBxiWq-qJl8FtTC5Nl1pFeMlOnKk1xkSSTCvzXNC0KZbKWM6_37BhnMeROWqRvX8crXsB37u42mcRxhQKU-tcPNs7QUyUHzsC1z9wMLfUrcYcYi6zpLslkYon04mC7WDWT8Z45wt_R-CNQ3bHD93aARfD7gFPEmEKmpYxVknRMAv-gS9kNVP079LZTmelSa8dybXHEBS-znJqfQa5laQaXDeviMTp2RQQIyc9BrU3DT4SZfMbjmMVAGGxbnarSBYMAYt6bxAcflDLU9POTzwpjtt4Q3USU87LSAgih0kEJOQ-VGqYWmRQDg&cs=282381259674162869305&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=firstQuartile&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&cph=00:00:01.888&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805491&cid=1124771&pid=169092&p=UWQDwmRmbq0AqzFKeeqZN_F-Dxo-Ea9Lh3DeFdBlGjcK3izefEm-P1jKLWAVIdd2IkQ0ygiEtSh86IgD-BGhEV5SMr1JWtUxlZVMkrgx3_e5II9sCkbXqx7AaoruNPvtqK6ndNZuvvWmIxBOQ5jVuY8Q9-_INyO0nEvLnFCpeW_0BmdrrKK99tXOFrJ33dyBFLvIwumn6R7pf8rY5ifoI92FiWiLeT3rjaO6MdcS4VWasPv65dXSnsCdjOx0hASDYw-R15MvhowZHgk6pz-ascnwhYlNUuDMBcKKRBiRzyHcNpJ9_AJvm1GWeoOVoPG9RXO8icNVTdgXFRHq78WagPq7HcVmBCPOgMNy0Vt57Xeomw&cs=-355071498212056191405&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 2C41 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dIy5Eg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-2&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=JfFgIL8rrU8PNmaAA-wy45S4-qTo_M_cvLWE9vq_vRSk6HmW1JsrC3hw7QGA3mxvWA4XM_4TB8Ubtu_KKdNRDK8H4QoQe0euKjFyeIIbVdeLKZuNHTFaYfr-Uv2jBsu2VY4BJAhVOwRpl302R2mbxKMiDx6QJv-jAwVGpYgS6SIS-GnrBpb4IHauwJjOi9V6KwbvDTgWMvpvAogdGuIUQosnHU3SwyVHAyXnCdNTW57hEwlVOOVgCtXlScvAONPemow0Bn7hlXMWygHEitcDwohM7omgcJN-H0YkM_KVpoXHpnw0-T9H7xscgXu-khvkyjkWzmIlnIIVLqqAlzR-28kdCVyBEvCCOUMuBJh_TNYZfw&cs=-671080125516846737705&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
native.js
s.yimg.com/dy/ads/ Frame 6D6D 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
V0G72S4FWZDKYF5C
age
243
x-amz-server-side-encryption
AES256
x-amz-id-2
432nObJd8aDqp7zu/fo+ApoAESmtUoZd+3qQ7QRQm4XtBN2gelPw3djr+ZnIg+/+FsiBwYzawVg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10637&tvi50=13380&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231004-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Thu, 05 Oct 2023 01:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
63985
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1696469812.947168,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3707 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=3123594954541455&bg=!eHulezTNAAbjlzx0w5c7ADQBe5WfOO3k-d07f242f6AXqSRJHw2ocBX-i29d0VQahxsrdduKdzUL13yZFaoavmb7oUqGAgAAArBSAAAACWgBBwoADOXG5SqbqEIK7lLkRJkCy7mGi9J4JWBBxaTfUYi6XHVuPMcPVE0NKLqC4Mwbqh1gh8YL0AunRGoyWqetzMhYvawL_g_0wSqQrFLvBKTs0tG63xz1O3Xn1gv4Npw8FrADCypbmR4jTfjn-hJTmbDn8ksxhesgX5SI7UvN96dCV637fBmsCtG3O5e9tuG5APdPl_jgXxhbAXhq77HSNwzRYFseeZmQ67HtMrECPh1Ub2wIWgkk56Z4JyXCvByuJ6lF7-9P0nMH3RK2mLAHdX_yi3WUWOCnQHzE7qpjgWQ63yzHq7OTLhAe5RZBq8sDKaKjEilkLh_XCM0dDwFAHJ-FJEGxsTgE8VTrAeXzgRTSAMQp93vTHKAm_MNbuloYxvyI4cjr3cqGb_PvikFKyVOgXr4CUHNYltQgc48i9IHDFueizJLi8nEaLnLfiQIEP6AUreJhSlOgXhXEUK9yZ9_5UQxFpq4_bC8WLcrkn_dauO1qE4d9uq765TrteDlr5mU97chd_Bnlm4TLzEvd37K4zZKwTW56y7X5BW3zcXkWNLg8ng3tdXPwG4W_vaaKF05C8XmhpnmQNIc48pibpVRhMy_u9BFMLeWJV_SRE_pnUqdn1S1xrZgd2xqKNL-CKkjZo5J14ZwB1-MGpoE16F_SDug0e4BCd_1QGyLTBu6FhFYFuQCSNKWylEo-OORvjNxbS-AHczfEdQqAZNHVi858La16XToLRMeXYzJMDQXvb9RxRw9EW_UAnnSmZBJsW8A2lDF1h7LTMHB4XtXLg1TBstaG1sPYN-1kEvO4TQ6DLHeYfIYzIqi8gYmzQR8c1SbH4NwzQHp9PwctsZRDhhboMu8OIpPE63vkZ2y3c7eYxplpKu66MSTLDISqPch4FErD76UUzszG23G1zaW3MLnXe4d7dTPbqN05cNwurmikrBXVbOoebjwrwlOHns4qHNx1EwEedRPc-8rAZG0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6D6D 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o1.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
3002820316b448eaefcc6399e87d5d0f9189a9eba0c67eb68f0931eafb0bb2f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Thu, 05 Oct 2023 01:36:52 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
43
x-xss-protection
1; mode=block
x-request-id
1f5fa83e-eb93-4721-95fa-1c26ebfee2c7
b
geo.yahoo.com/ Frame 6D6D 		43 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:52 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 0350 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame BD49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=1049976395199165&bg=!FRalFlnNAAbjlzx0w5c7ADQBe5WfOH-YJypw-LUtClkdlYq6KuMIQa8-jcHCq9OC0k410Slpa-QUszK4VG9olDuGmzQPAgAAARlSAAAAQWgBB5kC_sTuyMXp6fYmZ_2liBbVAFTlNFV03ZHB8mmmnLZFlOB0Ria7cSBRy36-riTUexkBfUweADk2kl7x6LyFQozpdK0HZdh3Ge7QeG9_nIVBMRYUacQDOPpV0kLT4Ox3WRPqGU7t_hXNdkVzPl6zjoBaTyFNo8lXLptkmcSRy_ckUfVSf_MkgqUH-rVVn-iAPn9fT0CZ1cmDnNX-nMLjZwY3-T3P4tNIjkIb_aYp8zb1o-GYwkP7b4MktQc--wCAgj_pNa9BHljj7ODZqTmOq5WteDtzpbRIXDsTcl1o18tT8aZjVJju4ASlXhB2YC5eEBS1IT2rzD5VJzU-7CpiA98KQdaEe1lX86sz3haYazWk2ZHReUhrgJGP3MWQAWtS6LinLtwLq2BxUCsysjmtEb72e5nA9grsNiYqRLXU6Lh-ExeI9Twm2XbN5Sejv1bB0t40zgwEFf0fD2rxWNBglw7pTVUjs3lktkP6V2vT0PqkmdsZVPhHBAlVNMmeE3XsQjKf83m-MxkE5KFbRI-Ryur7PsdjoSK0kgkBfGy5oQt6wokEn6hGeq2gvXCdpV-JmWkYrScsaYdswUe4NAagFXSunHynOZinXBj6FNahXj_wX6YP3xImG_JL2tXWgVvv6jW3e1v-Nlly-5mYKANJ2Bgz66IYikC1lPowA8p5YnuDIG_jGirWudH_8enDVB5oTM_9VAiQNqNMbH58gPFCcC7UT6SYgrAoVwOyac6AZ4cpFbpxd0BOekyvJVDonHOwTJa9mUrzeI6vZeZwhsml-AgslF2W9EPvTttQNaRKoQkiNYmjmuIZgZNo3An3hui_F7yCTtW3AT19SVhWTxGoBnXIpQVqWegTlWhB3UmdMd_8_6xHoRx6ElGgW1f5BGx4urCgrpw4ZeIbat2hXQrj4DAkMJDinJRQbwqWmlKOO1ZFEo4T4MqLJw3VryFbKGaw2Mtjt_DtWllBNOH2apa7IU4gb_pE_kaMc7Oyk2mViwZn4oxy8LE0dm1UGTHEyHGF3e4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642
s.yimg.com/ys/ Frame 6D6D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 13:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
RWAZ2EBF32HP1H1D
age
2290559
x-amz-server-side-encryption
AES256
x-amz-id-2
XhlAO3ZTXj1EeGCR1GlIYewQXmzYlo8KAAIpssoiQK0GO46rAmiico2R4HdzA9i8DlXjKP8z0h4bhf/iY9vp3g==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:05:54 GMT
server
ATS
etag
"fa2aa91ba592d1ae8a4853ad8af8677c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
1695312056947-7127.jpg
s.yimg.com/lo/api/res/1.2/DVLoZuoB8zrr76VnOiwayw--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/ads/ Frame 6D6D 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/DVLoZuoB8zrr76VnOiwayw--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/ads/1695312056947-7127.jpg
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
9cf8c82567d061fb3cf6f5b6f844f3b0e317fefb3b1d6f05578bca89930f4637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:42:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
age
111291
cld_latency
1
edge-cache-tag
504178063411839953516178366640173227410,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cache-tag
504178063411839953516178366640173227410,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
Miss from cloudfront, HIT
x-cache
Miss from cloudfront, HIT
expiration
expiry-date="Sun, 24 Mar 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits
1
content-length
48627
x-xss-protection
1; mode=block
cld_by
cache-iad-kiad7000032-IAD
x-served-by
cache-iad-kiad7000032-IAD
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Sep 2023 22:15:09 GMT
server
ATS
surrogate-reporting
width=402,height=210,bytes=48627,owidth=1200,oheight=627,obytes=310217
x-timer
S1696358521.104047,VS0,VE1
etag
"9b757aead2cd5cf7d1b981cb5ce78db2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame 6D6D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 18:22:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
DMX2ZYDQEC1J8Y81
age
2445268
x-amz-server-side-encryption
AES256
content-length
3328
x-amz-id-2
IwE/n6tlKto/3nyTDS2i/KUQHwvfx5brO1Zez2rsmuykmJywtuYjzFjykVt6fV8oneueFimuX04=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
truncated
/ Frame 6D6D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 6D6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupwdp3nLm2-QOWBs7ztkIbvzXVIqmaLpedGu5MLSj0kOphjz-fJl_yJEFmwPIc_aGc4wDFrVeQ5ZJ0PxfNGPz9b8QCGLPcNXo5wHjIv-yfhUueRr84lWQsZPkQk-iGvWX9PMFnqmFaeXlc9gQs1TY35VHAmbM1BKb5AqeaVbA8Gjf9KApfiWHEEljF4mvJLAZd5VjsHCbqLB_wId1G-cIt22NdRB2PzGQJIUjCiutsyp4HSeI8DTFUUfgapwe59M-KnQ9T81Wj2Hj2NUSoKqcJctS6ddyuu5_ebXuTwODsqCSKr5DcaprF-UTcH7m_hRUvoY1rCGrpkvu2m6s&sai=AMfl-YSQ8PVdilHwY2nJBAvX4pI07LeuZZBPnCiEupFrMzFdo0zQFgS2uZrIxeRca3K_CflOhBQFGhsEUflesuS3m84vKCWCMw3sPKeyIQ&sig=Cg0ArKJSzLtJQByhXw2kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:36:52 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-3&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805425&cid=1124771&pid=169092&p=14ipMtOuNKV_Kixz_acUJ4k5Mbet0SRy6DGw2nYVtKXKKBjuXI7xfwtpL92N6ihG-hZrZH6yOe8N1_x956WlxEagAu26QytcXB9WeN40ESO7gVE7C8xbUmmtxVnswmrdJlqUT4zqIMXnBFvdNcCrg45qDvQ6ANHAGvOxp04Z1GtBbmrNaxBSfbOhKTHOf7eEOQCMXJlT3AJHwzVnJEK4z2veOz8r5KxLR1t9enWWpmVJT6fmmyBnX9hq3ny0NgHxE99uZJEygJwaZlx0N7lcuQGFW00G96TXw6Nj-Oa3XeDren50DHtrUcsGHKW5pmt37JgSjmxQrfQLM0Vj0x_hoBb6a9ypmxudopgm3htOESADwA&cs=700758053948547662105&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-3&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=Bz8HcIXniZ7uSjKwuyyCqOIG-6quT1OgLej2J2I8ZkHmxdoTddTLTrPEvIYCkDBJ3rWiZerqge5LqQItcGDjiJJCFE_GG63JXAVILRzs_XQqo_39ebxXEPu8UWXvrQaNLpldUR9_ZACXvoBQlvRQ2r3sKKb-suKWk_AARB_FNly-GkTvDHE3Y_cYq95Oak19c0KRnyQZZNQCbEtk1P62qGRxxKUI9ZkwghJ8UvvPtRDGzp9pS_Au2MznLAddDDIniqW1RoKK6okGcrz2hZmvsAJVwfuw5mzfMo8QJSQVV42VQMizZ9U6M_XrTZ9rn_x4YLyJ-KITMIYmByOuxDFXCa9UCaQcSlxP4ojVbKpyM-2iwQ&cs=133899062466240744205&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 0350 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84822405&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6fe9129bf173ec20621c8550677300a830f6b1a5c1e8bf0a5d8a7f83d4e45a4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Oct 2023 01:36:51 GMT
content-length
1239
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 9FA4 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:52 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8FB4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d4b054263aafa086/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c76db39f7b0eba68328c081240eacf41&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QWhaVWXUYggMgaSU&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QWhaVWXUYggMgaSU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Oct 2023 01:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QWhaVWXUYggMgaSU&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 5AB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 05 Oct 2023 01:36:52 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 2165
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:046A5B4EA1F84E47838D8022044A18BE&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:046A5B4EA1F84E47838D8022044A18BE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 05 Oct 2023 01:36:52 GMT
expires
Wed, 04 Oct 2023 01:36:52 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:046A5B4EA1F84E47838D8022044A18BE&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 2B2F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962109473
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962109473
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 05 Oct 2023 01:36:52 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Oct 2023 01:36:52 GMT
etag
RXd1a22936ea834ee6beb968951a05efe9003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962109473
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame E21A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Oct 2023 01:36:52 GMT
mw
mwzeom.zeotap.com/ Frame 0350 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8111efaab80418eb-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 0350
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:37:02 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:37:02 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0350
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4FDEB18C-58E0-4AAA-84D0-6213865B48ED&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:52 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9E3E 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87621674&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Oct 2023 01:36:51 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 7F90 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:52 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame BFE1 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=4FDEB18C-58E0-4AAA-84D0-6213865B48ED
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Oct 2023 01:36:53 GMT
Expires
0
Pragma
no-cache
zEok4o2MwQBly7t4Q%2BunOcrESKo7NLcS%2F6kEOG6xdsIyYYAwOgTSghlwkHDH389GPTOyuyTaj64Dx%2FPKy%2BxjkJgeJk6cTiiU%2B4xYuYQ6O%2Fhz%2B7jDBLTwbpjEBe6Jbl%2Fd4af5gTkZUJHDdSy6QuFxytOQYB6Hl3YscJ14Sh5O6UPkj8dY21tWb...
ad.vidverto.io/delivery/v2/content/tracking/progress/1812/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1812/zEok4o2MwQBly7t4Q%2BunOcrESKo7NLcS%2F6kEOG6xdsIyYYAwOgTSghlwkHDH389GPTOyuyTaj64Dx%2FPKy%2BxjkJgeJk6cTiiU%2B4xYuYQ6O%2Fhz%2B7jDBLTwbpjEBe6Jbl%2Fd4af5gTkZUJHDdSy6QuFxytOQYB6Hl3YscJ14Sh5O6UPkj8dY21tWbUH2O952bzSZ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-4&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805425&cid=1124771&pid=169092&p=C5F0VZl_7HhkfhYfMNR0ghfejk7pI0W-qlJp4lIhbgBXDmBe-CQm-J9uq0SGU5DgAaGgy-XAV0LuYsXZQHfkuDd5gDv499wc2uywiCIiVHwqBqJqokbNnF629HryV1meL4uEMOB--fFC5iv_liOnOkO_QwfDQPsRPAkZXrILmEZtXzH907kftrLqA7bUJpT9CzIHJHcKxmr2Av04QRlU78zSxozqqwMRxNmkV6SMPWf7jrcLoouVOITSQUov-F3RnC1S8CuMMM1qk7NFuVRuPEa5P83EEWlSQsoE4b2AU35eofYDhsBel5Of3jZNFFwu9kLfDqY7mCcxLnQ0jTXPI0cE7qJr2pSXXziZV64PKde5IQ&cs=201528354656484457205&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=midpoint&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&cph=00:00:04.046&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805428&cid=1124771&pid=169092&p=NS9oVKCH24K9x-AS_NGUb4wHgB5D7A6aXiS3pJX8lyJofzxqK1Y6mMxDSH5smY5U7FjdUnyIISjChfbnlukYm6n6G-Hc3y7PbII1GS-a8cLI0nW2-k70GjarjsDDn-DmB0KFM6zvc2eh5o6UdGD_TMV9xMYOHdJY3EuvKNDz8H91DwmCfByr3Kxm1pxhWa7vYiAFoitYqpDoa2KLuwl3jE8b12FyTfwWAAYRBg70WLqdiL8ktpTsoO13caWe2QAsm93FdzhgtqPZEvdw-wTAtgbGm9blhXekjPJL5njUEckO7ZDFIGiw8by0T3oXUXYQiit-Ou__FTwxwCxvkt0qG6-mDgVQIiGdKOhXgKPNnj94Rg&cs=-306738635239366793105&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-4&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=UQBSd9NI6tv2BBwAnjO-Wtnu4BmAVjb-hmONxgHwTDc5y5GolxXFABrNydnbYWXQiPJo3QU6cKJMMYzyQiU7_yq_hFprWECgd6ewcLCJE3Dv7bzEqDJ6USfTcUerewJtu9gNUL4S3l0-GFomzRD2FCqY8QPPs2BZp9YrSObEy9cP_wJhVy_6_1GFtgokQxkKBCyXz553g0X_-KmnyY0BHal360q0W0ui5Ih1t5BGk3jOtxITQakwcD1CB591PEJdcE3n2VRGPBFggdaGu1K0DfuB7agJXUl5yKLx2fhdfuWtYuAQooY2DpZwK6gBsjIuMMDschSm7OlTLjzWMcMjQNVkNHVJRshKYaiVz6jUk6OP1g&cs=174515298874552436505&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=midpoint&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&cph=00:00:04.038&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805491&cid=1124771&pid=169092&p=G8HeeKmmVo02daDPjcH5Ceh6HLDFoEww3F9BuhDgPMzT7dRwY3WAyn7qZnY5Y2cVafxyx_jTWGOLk8Ot1wnRu2HHNfVX78MwzYcjmEQaNYso9apXTTuFCVBdavY9ikWIkl_HShZlAHjCIpiFGs95tTvJ6zbqDi6lgKKxbDEM_UGIkvnRGVFsqx8FLQKPAcOAftdTHAZo4DWUl1NHzWPLl1-ldQ5V9tHgHzPSUYhg68DwgIWRIeWVNl0C43PLgixH8kXZdWFqUuXQU1bXUHZCIyd9XuXub0wWWD-u_1IMVivD4rp6G7BbTbufXE2GokxUPCDMOLsOOACMRq8-GH4HCCHahmRRsoYZ4eHoeIqzA4hILQ&cs=-109200083291473249505&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696469813918&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1558&pt=1083406078&tz=120&viewable=true&ddast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:53 GMT
content-encoding
gzip
server
nginx
machineid
1427
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-5&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805426&cid=1124771&pid=169092&p=fIdIDSHrNZRRm3rxQcavMyA4rr9Hc5J-Wfln96Zs8zzGoTVUJePlWJChU0PLW53-ys70U5v_tlsujb4MZhTjclGjqr6vvwkeBudOwX29KYJoYTxHOAKzUXn7Ec34RnnxBNu58rn-XzbitKdv3qj9W9mreNV7rzKrY5oaS5w3694z3cSocBisO0faJsrorAdxg5it2qK7Pavrkh56_RTIY3MoRLAoPZDkxd5Cn5e_dpJXNM2cZIpcBWlBIx4wtoaeBMC_2W4_T8-m8KL_35Rx-CP1Napwaz79jcbWSPPK4AVDiyqQMWo62Opd0BZmXYxkTdZRkkm9f4EQkXkpIO1c6VHK95LNNfLlEuRcvM7wmJi36A&cs=-314812968468307942005&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-5&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=pUXk0stw5S18kI9X0LQLiDi8n5kpVTTpu4N4Q5KhpdwVdw-kfcgNCfp2LQSlHqP8-Hn6gWm4DjhlFHwjlYmm2f9e6vFqC8TSM4xNZA6hPyxe4Narm7-IKrelei0pVKUyIgktL6xq4Y8RUMF_uoJRGNPxK7iaqYVJvyW6nGNGEs_XSJ-CKY_BHBaqhbU5QiRq5cT_4nz3udOVTNdwoLvuFhr-eRGQG1A1lRuRgCP0oiPA1bVR8znQVGE61vRlOiRgRMjBJQwz24DXd_YhxuDw_TeObuvRXhzXuFWDswZQOnizmoC7Wd__23_gwK-tzvZc22a9_S_j-Bw8FKKzI1XKmpwI_lh5qPFSul5wVFDa_ERiAw&cs=561374520856716405905&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 0350 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=thirdQuartile&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&cph=00:00:05.905&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805428&cid=1124771&pid=169092&p=FN17ezDc9884zhStVAoLMWAwjkdQV7hEvHMrwJiIVYk_yT3Sn6mK-1wdgNORohtUbO-zJhSQ7cshcnUq67RP65B3TYgjtJydTH5GeJue6jvS0QN1Vu_ERSuxCbaBracU4smptlOzf9rGRWwVBvI00CD3cPXXGwykr8olyR1Mp7g6wm1vHHVb3AbhEa6PFkppKYw1n8bNT0_-LQL5bwvriD8kYAvXNWqspH75LR7ITsJzsvfXM6msZxmH-xp9qlE055CEBix_bliTwBjflt9wJLAyG6Wj_zfS_8yn2oqNobwELicRwbi7zhrE4BVlDQhGXT7n1h2tteHn0Bxm0olGUzXOa7PKEMMdGgXHQx2-0CTDtw&cs=536686695378614215005&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-6&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805426&cid=1124771&pid=169092&p=FcBuPU8nn_W_VE-p5UTDSOYPTvtFDyptc7mKG0z9NhZ9TKcbqBeKhU5leSVUOCw6jXNUwJs01M9JbOwRswt1aji8dAWHHL9Gm8bqu1bR-GTR6F3ymjCBkHbzM3Odn8DdGreryteMpvrudjhXh2JVYaiCkNxs72xKvm8-ht79806ErKCmh49hkpzPqLV4KWUCgst2iS5rv08pJ8ulauidSWNDKOZ80FPDI73a6NZAY07sPtvuQ1z9VHr3qaJkK8lILVIl626amivtyZhYubkUjdJ90VCNeLOj3QYWVyBYR4mWSt2IH56TspjAVFVxvrQdgt2D3prbbWjA73yREvkCfvBr2BdwqHrBGyN-BCnx50EN6g&cs=601652625984627470305&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=thirdQuartile&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&cph=00:00:05.854&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805491&cid=1124771&pid=169092&p=ZgwDm8EaOHVQvkbaOnp45empNAvHQxXJem1v6YCH5tChNbtdo2KbbuT4H39sG3a1z7oXuee0h_gr1sEOA6_KmVC1U-mdGIRWmTZDLap2Pi9V7jeTUfbCWxeqjqfXl4YC5zoamiEBJmvUHkTfU_jt8KvNvDWdK3yJ6I2rL84oDpAiAUkfGNm1sPxndSkEcQ4UIn-2k3xglQ1OVQZAVpmo2rNu-gr_J60XS31HPM4XpDcifFdopyittW9kcvhK8lxtFilgLBE1htzCB1CWR0g9kA7UL0GSQGWEQI7saEM2ng0DHHYQbGxMWlifQso_eW9eXDwK7-MQpyrgFx1luJhx4C-TkGEEjaYSrd8RjT3YRXwuCg&cs=-189121916939901535005&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-6&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805490&cid=1124771&pid=169092&p=9Rk3HLdHW10HdN3mmAiplL8mCZGA_lVWwZdrhYSAFToAFWz4rx_yA_WUbb4jnvQ5H2UQjHdiEq0BK-MAhD6jB-UAawvGjUoloYcLDTQLob4CCLxXxnchdJbOzmlyDYjdvDEus04XpoQM0K5KayRuDAgaI4H-J0v2MuYKUgwSlSssa9Ihe4iSvIuu9DjLL6lhqvQDEQIDK-cE10T7ClAXFGvs1NWjMFKVozYwM3TkDQzoPMiw1riNcy_CiQd74NWCeobLZwuCrxLR_Zvx9Mrutsf0DfJ1CUbhHwf2CPH1w8EbAJBpakmc88TJbXEjBJEqJgN3B5p_l4hEYzvOrwMBIxpKIWKfm1DVO9xoNy-2YCL3JQ&cs=190786024212291112305&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696469816906&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1558&pt=1083406078&tz=120&viewable=true&ddast=V84psCLAbc2jVJ-_VTwRC4tWuS9uungikAAABgYID-AMmYbM6Nazlya4arxVo0XDjcysFsthZZPL6Zy-QwDVaWISAZk825cS1Hbs1wtViLhguHWzmYzdYii8c3c5kcpsHKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZsaDodPte9Xvf73SU-z1zj9yv8wqdb6nS4pX-7zy10uYWuh93nVjvcwqfdLXc67G7N0e96S48Ou1tzdLrFTrfE4dY83FqXW2N02H1u5dOteLrewqfD79YcXXafXWh6m-0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgGcOCPP6fFy2h_UfAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BiSnnd8VptIp0KkALYIIwAAAADDzmmERybpBBWLKv____1WAK4AAAQo9uuF22TRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH43QjkJPGiDpRy41v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rwdEFouVxWRcTVyOzWjhMK18o8XEuVhYRiaXYzPybE8UOMAYe3RnUJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKYGBkGu5VztpaNdiu3aGOZuIWbkcOtGMxMK8twZJuYTG7R62P6OHbL4cLiRYIBcnuRPC3SiWzhHHkMk4XDN9oYlrPhYLVxbDymkcO5mFg8roVFLNGcLNKJ7LKvLBYri8m4mrgcm9HCYVr5RouJc7GwjEwux2bk2TdGhsFu5ZytZaPdyi3aWCZu4WbkcCsGM9PKMhzZJiaTW_T6mD6O3XK4sPgbs-VsNFsOB5t9Y7acjWbL4WCz79AZvqvP2agsqyQflTehrVW3N6dB4TJYvC_16TwsGAvqs-fo9Nlq0e7O6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zCp1vqdLilf7vPLXS5ha6H3edWO9zCp90tdzrsbs3R73pLjw67W3N0usVOt8Th1jzcWpdbY3TYfW7l0614ut7Cp8Pv1hxddp9daHqbLWKJ4HSRTkQv4-mi_qOHWK7mksFsrhis5orNZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CVqK4_____3EAAABk5NADAACg3weUBQAAAAAAwK8gNpvhYP8AVIi1Wq1uN9ZqtQIazGyyWM4m8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:36:56 GMT
content-encoding
gzip
server
nginx
machineid
1487
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/ Frame C66C 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=complete&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_57218fbf-6bbf-4785-a90d-2cc0573580e1&pscid=20204&scid=7024&pfid=72&cph=00:00:08.021&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805428&cid=1124771&pid=169092&p=8bcRiSWUQ1eokbWeLQPui6FuUeXRQQOwNWVckISE57wXyePoxlkyoKQZua2dZ7sr-YlRkTMoXsunAaDe1YJJ-Zk4mgO-UC61ZidxICEK8eZ_r8RQS9L4eWMccFX-qNUSYW7qXlrgVemfKy0OFSPxMRqxGc7NNXJaVR-uk9Ht_wGyA5gIgxES7aOO5snM9sdCCq1r1XwkJSxwXhasT8b4dfIoh9TmiHRQMKxjBM8JA_4r1HS0mdv48Et7vcM0XZSsxXJBRTAhYC_uHrVCjO57uPpkWil-O9ev95g7YAot8TybSG5PY4rVaVZn9te6nlqtig2fVc2fFEOJKDCGbfhzFZf1ec3jk3WwhucCHqcLBKlZKQ&cs=557534701800033733905&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame F781 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=complete&vid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38&gid=1057749&studio_cid=1fb1bc80-56e7-11ee-a34a-f15bea477743&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=aacdd812-48e1-456a-a06d-846c674e0358_0145777e-83ab-4eae-851e-bc1dacf30e41&pscid=20204&scid=7024&pfid=72&cph=00:00:07.710&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1696469805491&cid=1124771&pid=169092&p=VWrlZkLWWwhKEuQxJH4wzhI6qokSa780OwlIePhWFRBkpbvsYuNVvML5fw87MVBZDc2qOc44Ke0TRZqiKPfOEOqEq76ePXcgDbU0HEPX_21pD3L0c1Q8my5R99Mkep3HIv-UjMuIfVcezX7mnh-92WCb_8Dy6wMRfGBe1LzwiBS52FF9G4BjUgzCLge5TD5VaiQuRT-4JGFHra3_lHYfVLk7QfpcrrvVWaCRXKkdNG0_2Ccip2P2SYPrSBal-Tc3oWjqyXa5olpL44fk4eaMXv3m0HpCK17SwlXLDYrvOdsGt3yOYG2z3hLy72-OEX1uG3aK2t-VpfcE2KLNIM79ZdFWoBQyFTb_04wVUkwA9WMuUg&cs=256434314804355690605&slot=native&fv=1263&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-jia-zong-he-huang-ma-xin-nian-shou-zhan-shi-li-ba-sa-ke-chang-yi-qiu-xiao-sheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Oct 2023 01:36:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202204/8da21c35dec9615f394d66cdd2aadf56.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202011/5a654cee70484d2296d24238fa7cdaad.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/44711896d5f091b0f04a5014c731d6e3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/36fbeb3a5b7bd9a27b6e50a45d8bea4b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/360780741ba4695115bc9d8bd09aea66.jpg?w=150&h=100&q=100
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue function| _statcounter object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| adRecover function| setImmediate function| clearImmediate function| _typeof object| TRC object| _tblConsole undefined| msg function| onYouTubeIframeAPIReady object| gaGlobal object| ucf object| request undefined| google_measure_js_timing number| google_unique_id string| paramsString undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| runAnimCheck object| aries function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| google_reactive_ads_global_state object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo number| vidverto object| regeneratorRuntime object| aries_registry string| nam object| placementData function| quantserve function| __qc object| ezt object| _qoptions object| cmTag function| inView function| VASTClient function| IMA function| VidvertoPlayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| vpbjsChunk object| vpbjs boolean| noPreviewPage object| _aries object| inViewWindow object| google_ad_modifications object| google_prev_clients object| _cm_wfCounters string| lastWfUrl object| vidvertoPromiseCache object| closure_lm_204127 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| startCMTagMain string| category function| VidvertoPlayerVideoPlaylistUI object| closure_lm_178633 function| shuffle object| entertainment object| arrToUse object| playlist object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| OvaMediaPlayer object| closure_lm_750798

196 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARCXFgoGCKIBEJcW
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696469802.861AECDC810B4F444D2BF1039541D3D7.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1696469802.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696469802102190415
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696469802.1.0.1696469802.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1774176298.1696469803
www.bg3.co/ Name: __AP_SESSION__
Value: 64632e73-9e63-45a5-8d4a-fb758fb408a3
.bg3.co/ Name: __gpi
Value: UID=00000c8e1ae89344:T=1696469802:RT=1696469802:S=ALNI_MYtISpP6OPWRqbvB89VyM3wQFzmmQ
.aralego.com/ Name: sspid
Value: 0a6c31ad-e702-34a4-899e-2a9f3b737598
.doubleclick.net/ Name: IDE
Value: AHWqTUkpqwFAbQ2b0l9-Ef28LpAt26GV-fcrTBARAgiTFmjn6wjh-aivH4f2qpJb7gY
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 741a1e32-b624-4ba6-89b9-f048d734071c
.prebid.a-mo.net/ Name: __amc
Value: 1_1696469803_1696469803
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1d007e96-647e-4c2b-83da-10f4e28d6bdd-tuctc1798ab
ad.vidverto.io/ Name: moxuuid
Value: a1a125df-0438-45d2-aab7-279134ad67b0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1696556203
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1696556203
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1696556203
.aralego.com/ Name: euconsent-v2
Value:
.omnitagjs.com/ Name: ayl_visitor
Value: fd4b58a756251777045817d32d79c87d
.rubiconproject.com/ Name: khaos
Value: LNCIBI58-6-6WQ8
.teads.tv/ Name: tt_viewer
Value: 1570ba70-3c4c-4fef-b7d2-f465dd2c6a38
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwq6b4qAY4AUABSAEQq6b4qAYYAA..
.adnxs.com/ Name: uuid2
Value: 4930783210065455397
.bidswitch.net/ Name: tuuid
Value: bac187e5-310c-4a69-8234-373032cc077a
.bidswitch.net/ Name: c
Value: 1696469804
.bidswitch.net/ Name: tuuid_lu
Value: 1696469804
a4p.adpartner.pro/ Name: apuid
Value: b2881a99-e5e7-4de6-b022-2741ad4d50cb
ad.vidverto.io/ Name: adpartner
Value: a1a125df-0438-45d2-aab7-279134ad67b0
.quantserve.com/ Name: mc
Value: 651e132c-b634e-78e2b-3ed86
.casalemedia.com/ Name: CMID
Value: ZR4TLD8J.Rbq8oGvwfm8gwAA
.casalemedia.com/ Name: CMPS
Value: 3234
.casalemedia.com/ Name: CMPRO
Value: 3234
.bg3.co/ Name: __qca
Value: P0-1719237998-1696469804160
.bg3.co/ Name: __gads
Value: ID=be52cc7a3cf7e403-221a94f07fe4004f:T=1696469802:RT=1696469804:S=ALNI_MZzgclkqTlR5UL42V5RNVtVxeaoPQ
.yahoo.com/ Name: A3
Value: d=AQABBC0THmUCEGLI9LvwD-c5GOc31GXfVsMFEgEBAQFkH2UnZQAAAAAA_eMAAA&S=AQAAAm-ZH36Fpmua6ZUpQ6CIPBE
.bidr.io/ Name: bito
Value: AAEi_07KPCYAABjTPVueOA
.bidr.io/ Name: bitoIsSecure
Value: ok
.simpli.fi/ Name: suid
Value: 046A5B4EA1F84E47838D8022044A18BE
.linkedin.com/ Name: bcookie
Value: "v=2&643b581a-6b99-4b91-84c3-5083a4932623"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTY0Njk4MDU7MjswMjFQvUUS5kq9yY6zFtPL9AYwRsELF4qJ2lhXd/7dgHSFiw==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2604:u=1:x=1:i=1696469805:t=1696556205:v=2:sig=AQGYWAC9UEHsOVRYblQaKth70dtD8ABR"
.adnxs.com/ Name: anj
Value: dTM7k!M40DF7/.XF']wIg2E?hgdQ-A!]tbP6j2F-.aDyjByG0>mtJ)wj(l*l9N#td26Q=KD0y9E2*h-fQEVk`!'V.GQz[m]
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOQ0lCSTU4LTYtNldROCIsImV4cGlyZXMiOiIyMDI0LTAxLTAzVDAxOjM2OjQ1WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTA1VDAxOjM2OjQ1WiJ9
.criteo.com/ Name: uid
Value: 54ba79e3-00e4-421c-9c22-df79652b4727
.ipredictive.com/ Name: cu
Value: 1c4cda93-bcf8-4089-bffa-fbb152e12560|1696469805257
.amazon-adsystem.com/ Name: ad-id
Value: A0Z-vsY1F0-rsDvc-JDCIAU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_TS
Value: 1696469805319
.tapad.com/ Name: TapAd_DID
Value: 1e57eff5-b4e2-4940-858b-600aa9e1d25e
.yandex.ru/ Name: yuidss
Value: 7352425841696469805
.yandex.ru/ Name: yandexuid
Value: 7352425841696469805
.primis.tech/ Name: csuuid
Value: 651e132d55213
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.zemanta.com/ Name: zuid
Value: hE1YiFaumuLT5SiXSquQ
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8175dfd8-597c-5ea2-4123-d74034804d30.YODzG1UmVFgArJtpijNWRI9XiE3qSnw4i%2FLl8aCCX8Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8175dfd8-597c-5ea2-4123-d74034804d30.YODzG1UmVFgArJtpijNWRI9XiE3qSnw4i%2FLl8aCCX8Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgXXf2Fl8XqJBI9dANIBNMMPOaYQ.L3HX%2F%2Fu12ViW9%2F63LBD5J8CtWl3JClp1G5WT%2FBP3Mfw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgXXf2Fl8XqJBI9dANIBNMMPOaYQ.L3HX%2F%2Fu12ViW9%2F63LBD5J8CtWl3JClp1G5WT%2FBP3Mfw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHYRzuOX53P1rTccFBQy3a5PfTwDF8Zo8LRJc1iM9c1mEHwYBCCtpvioBjABOgTwi70wQgSFAAsj.BfvEK9YqYU6UxGmU4rwf8ySK9DRxB%2B79LyspZTUHDgU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHYRzuOX53P1rTccFBQy3a5PfTwDF8Zo8LRJc1iM9c1mEHwYBCCtpvioBjABOgTwi70wQgSFAAsj.BfvEK9YqYU6UxGmU4rwf8ySK9DRxB%2B79LyspZTUHDgU
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696469805.1.0.1696469805.0.0.0
.hb.yahoo.net/ Name: data-mag
Value: LNCIBI58-6-6WQ8~~63
.agkn.com/ Name: ab
Value: 0001%3AsJzHkad030Hiup1I5CYTmQaKofEz%2Bb5C
.krxd.net/ Name: _kuid_
Value: P1fzifsf
.bluekai.com/ Name: bku
Value: m3X99YTEcZDIkO1c
.c.appier.net/ Name: _auid
Value: ExQXGQyGCQOeISWrLhMeZQ
.c.appier.net/ Name: _gu
Value: CAESEIpJ8bCkBHSyb2t32mzqBUQ
.openx.net/ Name: i
Value: 0d4605af-a083-0455-2196-d3dce49a7cb0|1696469807
.openx.net/ Name: pd
Value: v2|1696469807|gen0vNvQiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-05T01%3A36%3A47%22%7D
.servenobid.com/ Name: pid_312
Value: 4930783210065455397
.servenobid.com/ Name: pid_337
Value: y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
.servenobid.com/ Name: pid_339
Value: y-NxOFyA9E2uE4eZqgx5D0Te1MnO7dIRAJ049TYyE-~A
.adform.net/ Name: C
Value: 1
.lijit.com/ Name: ljt_reader
Value: HbsArRZHJK9Add47SEa8-pQi
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: e_c9fe4365-7f12-45d5-ab24-9a4851336768
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjM3sjA0MDA2MhTiM9SNKvMx9K1KzMwJi8wFAKILSy4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjM3sjA0MDA2MhTiM9SNKvMx9K1KzMwJi8wFAKILSy4lAAAA
.go.sonobi.com/ Name: __uis
Value: b620fc49-c1a3-4124-ac4f-0a86a8378871
.go.sonobi.com/ Name: HAPLB8G
Value: s8695|ZR4TN
.adform.net/ Name: uid
Value: 3510831004177336434
.minutemedia-prebid.com/ Name: wrvUserID
Value: PkamhpD-kp_mm
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9fbf5bc1-b348-3665-a80e-caf261384f62
.servenobid.com/ Name: pid_353
Value: 0000EEA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.3lift.com/ Name: tluid
Value: 3588385148432503341868
.turn.com/ Name: uid
Value: 4376977297601938432
.csync.loopme.me/ Name: viewer_token
Value: 40ba6149-2144-4dd8-9659-f5bcf4b09826
.yellowblue.io/ Name: wrvUserID
Value: U3zmhpD-Cp_s
.servenobid.com/ Name: pid_333
Value: ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
.servenobid.com/ Name: pid_309
Value: e_c9fe4365-7f12-45d5-ab24-9a4851336768
.servenobid.com/ Name: pid_332
Value: b620fc49-c1a3-4124-ac4f-0a86a8378871
.servenobid.com/ Name: pid_324
Value: 5144588526728100321
.servenobid.com/ Name: pid_348
Value: PkamhpD-kp_mm
.servenobid.com/ Name: pid_310
Value: HbsArRZHJK9Add47SEa8-pQi
.creative-serving.com/ Name: tuuid
Value: 47386a96-cf22-41d2-b0e2-9458f41308dc
.creative-serving.com/ Name: c
Value: 1696469809
.creative-serving.com/ Name: tuuid_lu
Value: 1696469809
.ads.stickyadstv.com/ Name: UID
Value: 8b8333fa33b7c52376e89630e5b756
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZR4TLD8J-Rbq8oGvwfm8gwAADKIAAAAB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4FDEB18C-58E0-4AAA-84D0-6213865B48ED
.contextweb.com/ Name: V
Value: FFtPw5RPtO8r
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 590b68e5a645fc6b
.360yield.com/ Name: tuuid
Value: e13471e4-f332-4795-8520-2b18f81aa252
.360yield.com/ Name: tuuid_lu
Value: 1696469809
.creativecdn.com/ Name: u
Value: jzN6RAo0Hm0y9iaLVG5A
.creativecdn.com/ Name: ts
Value: 1696469809
.smartadserver.com/ Name: pid
Value: 6824545069247987902
.servenobid.com/ Name: pid_352
Value: U3zmhpD-Cp_s
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZR4TMQAAA1yYQwA4
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: 8164178b-ce6c-4c3b-af53-b6c1f157746c
.servenobid.com/ Name: pid_317
Value: 6824545069247987902
.liadm.com/ Name: lidid
Value: b396c45d-0cc1-419d-8e4d-59e6b7c79f15
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2eap:19e0~2eap:198o~2eap:175w~2eap:18z8~2eap"
.dotomi.com/ Name: DotomiTest
Value: 3db917ee4b5c1937
.quantserve.com/ Name: d
Value: EP0BEQGOKvijCJiTAA
.ctnsnet.com/ Name: cid
Value: 9a51f9863f05423fb39e71b2317e9bee
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003%22%7D
.servenobid.com/ Name: pid_316
Value: 4FDEB18C-58E0-4AAA-84D0-6213865B48ED
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 79567aac-e5ec-5216-9fbd-a5f4faa3b6c6
.betweendigital.com/ Name: ss
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3Ak9yPmhABSK77uZigDA-f8W-fxiKqEGn2.ifFohGYCe6YwN5t38gnHKYrmcWluWbifXI1Fntqk01o
.sitescout.com/ Name: ssi
Value: 47df6088-158f-499e-8c80-48b5a63f48d5#1696469810529
.adfarm1.adition.com/ Name: UserID1
Value: 7286282352608606349
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588526728100321
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG&KRTB&19420-Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG&KRTB&22979-Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG&KRTB&23403-Bzi9fwA-vnkcb7opBWihLQlovngcPul-CTusZUdG
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGP1zaxSnBtKXxWE7AtVI08&KRTB&23025-CAESEGP1zaxSnBtKXxWE7AtVI08&KRTB&23386-CAESEGP1zaxSnBtKXxWE7AtVI08
.weborama.fr/ Name: AFFICHE_W
Value: U-akyylXYttT29
.adsby.bidtheatre.com/ Name: __kuid
Value: 78410c84-3107-4d4d-9a08-bb01f39f3460.465683810
.richaudience.com/ Name: pdid
Value: 7f2c69e3-4552-4e51-8037-1zz1696469797
.de17a.com/ Name: guid
Value: 1.8340022359660435394
.betweendigital.com/ Name: ut
Value: ZR4TMgAJbhCwzCttuB6gpCL2ucu0bR3jshgH-A==
.servenobid.com/ Name: pid_321
Value: RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_78a6957e-0cff-4a44-9ae5-e598e99ceb3f
.adx.opera.com/ Name: UID
Value: OPU57b3d93681b349868f2d1466565d6283
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NjQ2OTgxMDY1MX0
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqNoFBzwkRmMFqbBgMWySGKnddJL2ro259nQzSmeaMh0TyULc2uVTfLaGpIWSLMGcohVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.us.ck-ie.com/ Name: CID
Value: 73d87a0cec92d4c187fcbf43f5c86766aee30042
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n8k|7dN.0.AAEi_07KPCYAABjTPVueOA|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4930783210065455397&KRTB&23339-4930783210065455397
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7286282352608606349&KRTB&23369-7286282352608606349
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23334-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23417-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23426-gXXf2Fl8XqJBI9dANIBNMMPOaYQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4376977297601938432&KRTB&23150-4376977297601938432&KRTB&23527-4376977297601938432
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3510831004177336434&KRTB&23263-3510831004177336434&KRTB&23481-3510831004177336434
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAI9U1sk9P0LwNJzh6XAAAAAAA&KRTB&22713-AAAI9U1sk9P0LwNJzh6XAAAAAAA&KRTB&22715-AAAI9U1sk9P0LwNJzh6XAAAAAAA&KRTB&23519-AAAI9U1sk9P0LwNJzh6XAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU57b3d93681b349868f2d1466565d6283&KRTB&23485-OPU57b3d93681b349868f2d1466565d6283&KRTB&23524-OPU57b3d93681b349868f2d1466565d6283
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348&KRTB&23418-47df6088-158f-499e-8c80-48b5a63f48d5-651e1332-4348
.audrte.com/ Name: arcki2
Value: 16erwtu5WEXTFaHhk4oIgSp1g!20220908!1696469810664!ip#195.206.105.132
.audrte.com/ Name: arcki2_pubmatic
Value: 4FDEB18C-58E0-4AAA-84D0-6213865B48ED!20220908!1696469810667
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: c76db39f7b0eba68328c081240eacf41
.socdm.com/ Name: SOC
Value: ZR4TMsCo5s4AAMPrLfwAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-bac187e5-310c-4a69-8234-373032cc077a
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8340022359660435394
.servenobid.com/ Name: pid_323
Value: LNCIBI58-6-6WQ8
.tribalfusion.com/ Name: ANON_ID
Value: a3ntuJM0ing9PBmSTEpS7f0wmCmmYa1g2WuZbiSYpnDRWYWZb3QsZdUHr5ajDpMVJCVjprxejAJimTHrRpEVlTyZdnuE
.smartadserver.com/ Name: csync
Value: 86:4930783210065455397|117:fd4b58a756251777045817d32d79c87d|127:AAEi_07KPCYAABjTPVueOA
.smilewanted.com/ Name: sw_user_params_infos
Value: AVf6YRpCHERHR%2FZhRFQjC2vkoVarv8U71YVUNQ8fpeTKYBefdR4v2Qaao4B7nxVRbBOAoc7bBGkCPeWtCMRj8XrvRjVrLa2uNns0hxvZgcdi8cxV49KVvUgXN2q11Gnb%2BDR0v4wkGe5CaXMxmm6OlOhJ3j8Dc9cjYesjCzOpD5YUdTFxIvO9fch3UjgpnCgJflCZESHjan1GrA4Dqj1IQpwSQokoQFnmoNLmTm3WjoOKjkCOEvla8Qym0vVRUE6wmA84%2BcsylWJ5x3kRnX20TMTzApLsFGF5IOmJ%2FWSa7OUO7z1duRYY5YMhJZ7%2BE0k4LEgLLKEWt%2F2k0IS16%2F%2B5msQFLzrgxE0c%2FMDZ9IPBU8Q0vVom%2BLUUlP11NP2%2Bjy5StVGPGQqCnU5tQ%2BDv7Jx%2FDA%2Bx%2B8QzLmsfPOkXLJ7ndUs%3D
.servenobid.com/ Name: pid_346
Value: ua-9fbf5bc1-b348-3665-a80e-caf261384f62
.audrte.com/ Name: arcki2_ddp2
Value: 16erwtu5WEXTFaHhk4oIgSp1g!20220908!1696469811004
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEi_07KPCYAABjTPVueOA
.audrte.com/ Name: arcki2_adform
Value: 3510831004177336434!20220908!1696469811580
.rezync.com/ Name: zync-uuid
Value: 7111c108-b99e-43ea-85ee-d8e78a48b604:1696469811.6869104
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMuw2AMAxFUTEAVQqmCPJTjD9sk4AXoqRkBMZgKrogylPcew8jxIXFDVRUjqQKYANZbu6RuUTNtkTk3UKtsjUhXnuEWUwcxGf6TlDX6297pm5yYrznB5JpegAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HAjHofdJJFGUnl295UJYMFls6otnh6mt9t-dWqEJj0-sBgsATfFgscBgTK56DoAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNysEOgyAMANB_6VkWiqUUfsag9kA22WLdZcZ_n8eXvBOmj-5b7doPKMf-1QGWV7tlUE6w9tv0CQUiEkWRGDgFQe_HgHANYGrW3n1q630SIi7oxc05q6NRq5Oo6lbRJJVkZk8FOTNxFsQHC2f0BNcfppIlfA.ZR4TMw.3Xr-vFySxuICecOMB8dQayg7JOg
.rlcdn.com/ Name: rlas3
Value: hi3VZXlihUwFmTjDtcFF7QnLKp1MmNlnxBnEQBeG+qw=
.rlcdn.com/ Name: pxrc
Value: CLSm+KgGEgUI6AcQABIGCLrqARAA
.admanmedia.com/ Name: admtr
Value: 1f69e953-50fd-46b4-b363-4fcfaf713522
.admanmedia.com/ Name: ac_r
Value: CS71
.pubmatic.com/ Name: DPSync3
Value: 1697673600%3A226_219_197_245_241_235_201_227
.pubmatic.com/ Name: SyncRTB3
Value: 1699056000%3A203%7C1697328000%3A63%7C1701648000%3A69%7C1697673600%3A166_249_13_161_165_99_233_71_251_220_22_214_264_243_176_55_56_21_3_204_8_88_238_81_46_254_234_54%7C1697760000%3A35%7C1697068800%3A2_223_15
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1a22936-ea83-4ee6-beb9-68951a05efe9-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 9
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1696491412870
.onaudience.com/ Name: cookie
Value: d4b054263aafa086
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: a91136a8-7e86-4395-4bad-28741e4e8410
.semasio.net/ Name: SEUNCY
Value: A1FA1EA5A4894B6E
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Ecv7Kmx8QWhaVWXUYggMgaSU
.pubmatic.com/ Name: PugT
Value: 1696469812
.pubmatic.com/ Name: SPugT
Value: 1696469814

14 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202204/8da21c35dec9615f394d66cdd2aadf56.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202011/5a654cee70484d2296d24238fa7cdaad.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/44711896d5f091b0f04a5014c731d6e3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/360780741ba4695115bc9d8bd09aea66.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/36fbeb3a5b7bd9a27b6e50a45d8bea4b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EveGktamlhLXpvbmctaGUtaHVhbmctbWEteGluLW5pYW4tc2hvdS16aGFuLXNoaS1saS1iYS1zYS1rZS1jaGFuZy15aS1xaXUteGlhby1zaGVuZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://idsync.rlcdn.com/474599.gif?partner_uid=1570ba70-3c4c-4fef-b7d2-f465dd2c6a38_ch&cv=&_t=1696469805420
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZR4TLD8J.Rbq8oGvwfm8gwAA%263234&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

961a8a37c532592880c5d6c73eddf1da.safeframe.googlesyndication.com
964c25b6500fbfe5d9f87001552574e4.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ac5f8338fb672bf925bc2332509ea5f6.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.sitemaji.com
ad.turn.com
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yap.yahoo.com
adx.holmesmind.com
adx3.adform.net
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
casale-match.dotomi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.turn.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.yahoo.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
live.rezync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
studio-t.teads.tv
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
static.bg3.co
103.231.174.251
104.18.25.18
104.18.26.193
104.20.218.77
104.22.69.131
108.129.25.174
13.248.245.213
13.32.27.99
141.226.228.48
141.94.171.212
141.94.171.215
141.95.171.142
142.250.186.34
145.40.97.67
15.197.193.217
151.101.129.44
151.101.193.44
151.101.2.49
152.199.21.70
162.19.138.82
162.210.196.208
162.55.120.196
162.55.233.29
169.197.150.8
172.104.70.67
175.110.113.211
178.250.7.11
18.184.148.2
18.194.126.126
18.194.158.176
18.197.134.14
18.66.147.73
185.106.33.48
185.180.220.208
185.184.8.90
185.64.190.81
185.64.191.210
185.84.60.21
185.86.139.103
188.42.34.64
192.96.203.13
193.0.160.130
193.108.153.21
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.18.161.51
2.19.198.33
20.127.253.7
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
211.120.53.206
213.155.156.166
216.52.2.16
216.52.2.48
217.182.178.228
23.201.255.110
23.212.211.126
23.212.88.20
23.212.89.35
23.213.164.226
23.213.164.238
23.52.120.27
23.97.225.52
2600:1f18:24e6:b901:34fb:55f:e11a:2d83
2600:9000:2057:4400:1f:4c18:bd40:93a1
2600:9000:223c:5c00:6:44e3:f8c0:93a1
2600:9000:2250:ec00:0:e06c:e940:93a1
2600:9000:2251:d400:1a:5235:f980:93a1
2602:803:c003:200::51
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::ac43:db6
2606:4700:20::ac43:47fe
2606:4700::6810:5514
2606:4700::6812:19ad
2606:4700::6812:1bc1
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1288:110:c204::b000
2a00:1288:80:807::2
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:808::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::d
2a02:6b8::90
2a02:fa8:8806:13::1370
2a04:4e42:600::649
2a05:d018:d29:3601:66f9:a65a:1e1c:e51e
3.64.76.61
3.71.149.231
3.75.110.88
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.160.236.64
34.204.154.179
34.236.109.207
34.247.205.196
34.250.19.175
34.253.57.114
34.98.64.218
35.186.193.173
35.186.215.140
35.186.253.211
35.204.74.118
35.214.197.226
35.244.174.68
37.157.3.26
37.157.6.243
37.252.171.85
46.228.174.117
51.83.220.94
51.89.9.251
52.18.35.108
52.208.171.144
52.211.253.239
52.31.202.102
52.46.128.147
52.48.26.222
52.73.237.207
54.146.162.150
54.236.179.17
54.239.33.159
54.76.77.157
54.77.82.203
54.78.254.47
64.202.112.63
64.227.64.62
69.166.1.34
69.173.144.137
69.173.144.139
69.173.144.165
69.173.151.100
72.251.241.196
75.101.242.68
77.243.51.122
77.245.57.72
8.2.110.114
80.77.87.166
82.145.213.8
85.114.159.118
87.248.100.136
95.101.149.233
95.101.149.35
98.98.134.242
019b8c7cadd7f78124a960ba9cc838ba69b25d34ef0e472e60f4a867d0fc3725
01c8d952588a93ecd0d6e4d1827af0d23a9d17325eed814c571c42a7b5181a41
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
051c59950af6c7aa2eb3263aad7c2dfaacc24fec20bb40a8ac7c838e498785f2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0ad2df2d61d5d01ba21624eb8e3a0fa2b4de26c9ad72fe46af956c63815c9d7a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b885e9682b660b1ce7804b282e2c9c9759f28f63142c2b729d25221e04772b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b99dde3004c675ba348579c244f91a68bcf8a65fe67153158c779124464ad06
1044511ad5afac1b13740cd5edad7f3821f9e5e907a29c61877cf2e1ef547192
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
160e31480ff98acc7bfae34d07797f6e1a81bce9bfa2a9f738df41e3d23ad8a4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
193ef47cd0db844399e47c22ebb46ff4b9750620b6c0ef2fb5f7f3dc4ba25f35
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c2e1f5ecdf52c51a78a4a676504b355bfe8adcd95ebad6e2cdf3f14764ce87d
1cd9c4774e7dcc5ce58b6a0a17a964b3f60586c308242ee53dcf552e97a8cec5
1d7ee0e73089af7c98fbd11ba883051e4e759a24d0e2787e991c1595b5cb9dd5
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
218a0bba5fdbf013660d772fb17871afb9cf0fdab17f9a24908c4cc436c86d76
21da260a17ffdeb8ae837497d34cd8e0b605def8c778930d1a7421190aca1192
2463f27e9907ec7ae42d30240a78616038fa7cc20cae193c1dc489a7140114c1
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27d3d3fd0207987635f131c6f43bc408a8efe1495d1bc466d40eb3f70eba319d
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
29d14696688c8e6685b06e7fc9b81ec52c922b5313358565165f3d42f941db3b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0b2bf8e11124e1b61d37311103102581efa71df77d753bbcf931d1f2e196e6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d76dc6fefa04718f5a74722fceccf283b30cd18a14634bdad7579bf2bd3f0dc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e1c3e69122803c91a2eded9f6314186402f803ef02bc59ab6d7daf552eb3ab9
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3002820316b448eaefcc6399e87d5d0f9189a9eba0c67eb68f0931eafb0bb2f9
30947b4dd1ea5da506731e092a97450076be3b9c0f864571eddc17c0d417af90
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
30d4b5c37756882cba7485ed2fb9aa7584706169e009301a994501fe42d79759
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37727a6044b9f7422f009a879c6be69420b1d72243bb2f8a3fb7e2f1239848c3
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ada8d2e2c4841a05242e249f31b0f8753b1c568cb116e29fa8ffb0b95e128cd
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d
3beda3293307ed2809f14885cefb9d0933f0ec17ad6f086c7fde594763428e22
3c9a309866560888fa3532703173649000953b858596b3f7708bc3c376cb63f4
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db25eb80fb4d90ab88453d07eb9edf46a58d231f2687521992ce047970c6d61
3e12fdd144004905cb0357ae3812aa1a9506cbba47a20589bb4453ff1870fafc
3e13c1d33dbffe4c778fa2b133363988b8c7a4de94a4ba64b4034f5d994aa13c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
429791f9f595711b26b12895436e8fadfa7790d04dab7e3a225f6fd01fcfe1f9
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4445f8b4aa90508060b51297d772e8dc523bd985cd21c612d692738eab9c46d2
45d88d2a04660c581b9bc3db3ea8cdae586d9424c48c60956a1142e9fabc9a1e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dec0ebd0d1ac85f1b558fd7653aa8e246d435796243fd3e886ff8f015be71ff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee9f8507b0df9e1f67b8b46f8c5974390b83edf7ce0178aa4fe760a2300fb56
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8c39761a2d5d2a4eb17d0be6c55e98155b90eabc14041917a0ea678972eb24
4fa2e54f14f97f0dbbfe4b2045f78e943a2707afc0f3fa747786cfba7388530f
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5126ae213c7549764203ac8959a8671dd289eaec5aa2b5f3731e6f237201eec4
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1651a232364d8c3a838791c3610f38c5a61579c90b1b421e9cafce58a68ebf
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b2d4771eca82fee71c88c5479912851b57a6517186ff9bfd37c18ed6dda256e
5cee5162170c4ed6238a4fc468582e829a6dc3363c14823bff33f34a45293a53
5e14b07ae2816b7391fefcf4392d022a706f5440a626231359b14bd513fa7f46
5f7ffef8f085a2c56250bba51835fbb0d64cd1f1b1c898e88179d8febb1fd62a
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
60f7936eace3195791445ce6d7340149cbeea4b73c404813ebb49521949ebfc2
614743e498d93cb511832a9a094873efb529fb5d73ab0fb18eb62683b3497bf9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
630a3f8a077b1f48b86683c02eae35cc0dfcf765b0e82fb8381b610cdd6e47c8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
67646f6c32dc90f5422ab184ad1e600bb6327c5ef96a34503136ce0c202ef638
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae29fc84acb9dd0fe8f5ec22caf261572882a73b0cf3188a3ec3e2facc09bd3
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cd09dc06f91652b178d12d60fff682c15494d15299a3dc596c8b42410ad0d63
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ecedaa29df2007cc425ed5e55b68ee7e03e040c7f1865097b6b8bac819c8119
6f0e52c2272c85e5dc7d7b69b955c09d8b98f6de7e5c9cf592ff7d22f30c54af
6fe9129bf173ec20621c8550677300a830f6b1a5c1e8bf0a5d8a7f83d4e45a4a
703d63ef45f72472939b1aa31f1a8c4b3ac84bcb6ef2c2b8378669b04e0e6130
710ccb5a041f38a2c181412d864edcdd8e46ce797d2365984bd4589e0f781ac4
71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
759b9e1dbefd25c960d9a55485f678003177c9ab30f64f1dd099c5953e41f56e
76787ae0888fcb5ea843a295eed194941c207376f954d980e6db49a4c7cac114
76f9104a732edcd1aaad9885e0943715afb075b48e92a74b75b615a7e388ad71
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
7811638876e407d9b2f724d0d8d5fbe08e234952c19441116e1332e124807019
7999e7cdcaec5ae66383870c108e66ece8c7ba5c9c967c994f79d5c662b192e1
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7b4278927334fc311c530af36923dfcad7d0d06b1757f204b5898678dea4c9fd
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c859979be444e15b0bed90c9d467f8cfe3feacc4d577471af31a0c6c2261851
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
83eee0a6397a7925930434db9f5c205b9ed8ce4dfcf0da83f5888a944b9eb65c
83fbf1c6d21681b93051a598abe8903c7bc8569f8795d8782976346d370c6abe
8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d851e6c8c8a6e73b6d2721055e916904bc5b84842a47890616d7b2e0632f563
8e2a7052a3b091a84e696ca11c0222ce2ecda2492f3e57339b5ea476435a9fa9
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
901c447116f25250f4ec32a1d5bbd520c61f036a4bd1050d6efb280cf474efba
90adb1a8b98f9f4ef679da8861adbc25ebc7588d5234a54aef4b12ac0cd3b570
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
929d35de31238ff5d8ae3ce3deee0e2f78cb0d92f3c3075b6806c71763fcec92
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9cf8c82567d061fb3cf6f5b6f844f3b0e317fefb3b1d6f05578bca89930f4637
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9da30b225be90fc0c101b01ab32d181acc00d9c62de5d1b919ae56faf6e5addf
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef
a1543eba9f5b814bcedf0b5451b4cc4f426384f817fe2e48832aebc1c8057208
a15c16ca9475dfb94ef179b5cbc9094f456f6215cb007d00cec499c735fe1622
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a508f38a4d76769131cd01e28038e5d000f040ca1ce962cacd05ca87e301a3c0
a74681c0934ab435c04e7b0de3990d77f1da81d5ecf8aed4a4a2b93096c10b7b
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad642383b56f966a70bfc92c9b64bcee93164f4ddf14219ff931f4b26f62ee66
b13ea151f5e852f00a460542b379f0a01d456a7cdcb8b1a498184c85db0233d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3300219696003daae85f622c7ae10a5fe7e9dc5c892768a54c9db3368d8166b
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b85e0364f0e531e77a478777cdde2c40eb0ac93c126a3bc6c19f922e4135b134
ba12ea8892db99045977b015ae33b22b37a9d601c448e953e3e69fae95bab251
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd4aa96d858f0fad7a717213c7cb2c8378d81795aaeed31580a859d4739be97
bd97b1cb106742243d5ad855f584be2c3179521cfc8a8dbaab27f33b48a5adb9
bf5bb9c7cf64cecd0059e881cd85726c0b95541e6c14a789404eb4f3fa7201b6
bf8634bb0d371728e4201aae0128205805d985c97320190a9fd6f65687b11d90
bfbb8822dd512114019f9b4fd21800f666fdd6c179362107620012adf48ae119
bfedcc9a341630205f4fdad1b394786da6b1aa754cd85bdd177777824163af50
c1a51dd69ca045ea64d77efb10676300f5d217f6034fb6b0bea7b6acba97a21e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c7ac3185014dbe0b6bdaa25b73123c58b84cb1dc644a2a5ef3366a61102fa07b
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf60c420f471d7669d58a6ba6a89828bbc2a7b1abc1d0a3d72421fcde3101a07
d06695c14b4eab9e1116ad9d22e42eacc5a62503b915cb22ab50076c2dca2d20
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4d5729623f3c72dc0c20850f5e08a58a22e697a7fba2b28ad87b0ca712c3b5d
d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66
d68c4fdfb446fe1080fa613d7a38fb08b2e3cb6906aa805aacf2357a4cfa2dbc
dba4c7a4241813f1b6b59466b158b457d5d19d0e077ba462c32b461a92fa6981
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e257c4892b094c8a00d46acaf3897a8ed9476c3a400cf53f4057c71e1fe97e5e
e3414be21f73e767f8f31b5aeedb8911fca0c04029b9eeef7ee7aabf187cef41
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
e4c827a216d3b126750b0202c5793003f24d6002f21ff2300200c6019829929e
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
eacb66affcda009d1ff835d6c51805ff0cec4e517b30fd6335308e314aa62da7
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eeb73b868e0d6e9731ffd9d6ff4643690ec72a3174484e212ff25103e5e9c7eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fbeae705d4be5e0be558f5eb697b86bddad0ae4ca1f5aa5941c82fcb764f0b84
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff17b8630719315504de11eb21395948b10ae7bcf47c361f27bdce55472eb763
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0